From ken at sdd.hp.com Thu Oct 1 00:50:03 1998 From: ken at sdd.hp.com (Ken Stone) Date: Tue Dec 2 02:24:30 2003 Subject: CVS code In-Reply-To: Your message of Thu, 01 Oct 1998 08:25:18 +1000. <773702019F1DD21196ED00A0C9D6526F48CE@EXCHANGE.distribution.com> Message-ID: <199810010050.RAA10247@hpsdlz.sdd.hp.com> > I don't have a dump because it doesn't seg fault on my RedHat 5.1 box. The > daemons continue to run, but whenever a client tries to access a service, I > get the PANIC: internal error messages in the log (the client gets an > "unexpected network error" message). > > I posted a Debug Level 10 log file back on Monday. Well, I see this in a level 10 ... [1998/09/30 17:41:03, 4] lib/username.c:map_username(89) Scanning username map /local/samba/lib/name-maps [1998/09/30 17:41:03, 3] lib/username.c:map_username(122) Mapped user kstone to ken [1998/09/30 17:41:03, 3] libsmb/namequery.c:resolve_name(481) resolve_name: Attempting lmhosts lookup for name SDNIPDC1 [1998/09/30 17:41:03, 3] libsmb/namequery.c:resolve_name(464) resolve_name: Attempting host lookup for name SDNIPDC1 [1998/09/30 17:41:03, 3] lib/util.c:open_socket_out(3306) Connecting to 15.57.161.19 at port 139 [1998/09/30 17:41:03, 0] lib/fault.c:fault_report(40) =============================================================== [1998/09/30 17:41:03, 0] lib/fault.c:fault_report(41) INTERNAL ERROR: Signal 11 in pid 10094 (2.0.0-prealpha) Please read the file BUGS.txt in the distribution [1998/09/30 17:41:03, 0] lib/fault.c:fault_report(43) =============================================================== [1998/09/30 17:41:03, 0] lib/util.c:smb_panic(4079) PANIC: internal error and the INTERNAL ERROR: Signal 11 tends to make believe that its is trying to dump core :-) .... I just can't find it if it is !! And my client (win95) says "This device does not exist on the network" -- Ken From aperrin at demog.Berkeley.EDU Thu Oct 1 03:41:21 1998 From: aperrin at demog.Berkeley.EDU (Andrew Perrin - Demography) Date: Tue Dec 2 02:24:30 2003 Subject: frustrated and lost In-Reply-To: <36129060.C85981B4@memcad.com> Message-ID: I believe the proble you're having is that you haven't set your smb password. Note that, because of NT's limitations, it's not (currently) possible to authenticate NT logins (or, more accurately, SMB logins) via the /etc/passwd file. (You can simulate this, I think, by using some of the PAM modules, but I don't know anything about those). The mksmbpasswd script just makes entries in the ~/private/smbpasswd file for users --- but the users' passwords are null (32 X's). You need to change your smb password by running samba/bin/smbpasswd; I suspect that's your problem. --------------------------------------------------------------------- Andrew J. Perrin - aperrin@demog.berkeley.edu - NT/Unix Admin/Support Department of Demography - University of California at Berkeley 2232 Piedmont Avenue #2120 - Berkeley, California, 94720-2120 USA http://demog.berkeley.edu/~aperrin --------------------------SEIU1199 On Thu, 1 Oct 1998, Amol Karnik wrote: > hi all, > > i've been trying to monitor this list for the past few weeks and was > trying to see if i can implement samba in my network here. > > i was been totally unsucessful in doing so, and am frustrated now. there > are a lot of doc files in the distribtion, but they keep on referring to > each other, and now i'm lost. > > i obtained the latest samba2.0prealpha cvs sources for the NTDOM Version > of samba and compiled it on a sun runnning solaris2.5.1 > > the docs said compile it with the -DNTDOMAIN flag ....but where ? > i added it to the Makefile in the sources dir in the CFLAGS line like > this : > CFLAGS=-g -I/usr/openwin/include -I/usr/dt/include -DNTDOMAIN > > i hope this is correct, because it compiled anyways. > > then i installed the samba binaries etc in /usr/local/samba. created a > smb.conf file > started the daemons manually. > > according to the ENCRYPTION.txt file, i created a smbpaswd file by doing > ypcat passwd | mksmbpasswd.sh >/usr/local/samba/private/smbpasswd > > and then changed the permission on the private dir and smpasswd file, > and then enabled the line "encrypt passwords = yes" > > i'm not going to have a NT server in the network, only workstations. in > fact right now ,i dont even have NT machine, but will get them next > week, and i wanted to check that this worked. doesnt seem to do so from > a sun using smbclient, and a win95 machine. both doesnt work, although > if i do smbclient -L sambaservername i get a list of shares etc, but the > user is "nobody". as myself, i cant use my unix password if i do > smbclient -L blue -U amol i get : > > "Session setup failed for username=amol myname=BLUE destname=BLUE > ERRSRV - ERRbadpw (Bad password - name/password pair in a Tree Connect > or Session Setup are invalid.)" > > does anyone know if there is a single document on the web which explain > how to set up samba as an NTdomain and password server, for idiots for > me? i dont even know at this stage if what i've written makes sense or > not...i'm lost. completely. > > unfortuntely i cant find one single document which explain all the steps > needs, clearly. this samba stuff seems to be meant for experienced > NT/network admins. > > - amol > From jerry at Eng.Auburn.EDU Thu Oct 1 01:29:25 1998 From: jerry at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:30 2003 Subject: frustrated and lost In-Reply-To: <36129060.C85981B4@memcad.com> Message-ID: <3.0.5.32.19980930202925.00901a00@pophost.eng.auburn.edu> At 07:12 AM 10/1/98 +1000, Amol Karnik wrote: >i was been totally unsucessful in doing so, and am frustrated now. there >are a lot of doc files in the distribtion, but they keep on referring to >each other, and now i'm lost. Sorry 'bout that. >i obtained the latest samba2.0prealpha cvs sources for the NTDOM Version >of samba and compiled it on a sun runnning solaris2.5.1 > >the docs said compile it with the -DNTDOMAIN flag ....but where ? which docs? The NTDOM FAQ seems to be the best place to start from. >i added it to the Makefile in the sources dir in the CFLAGS line like >this : >CFLAGS=-g -I/usr/openwin/include -I/usr/dt/include -DNTDOMAIN > >i hope this is correct, because it compiled anyways. You should run './configure' and the 'make'. Shouldn't need to edit the Makefile at all. >then i installed the samba binaries etc in /usr/local/samba. created a >smb.conf file >started the daemons manually. > >according to the ENCRYPTION.txt file, i created a smbpaswd file by doing >ypcat passwd | mksmbpasswd.sh >/usr/local/samba/private/smbpasswd > >and then changed the permission on the private dir and smpasswd file, >and then enabled the line "encrypt passwords = yes" OK. >i'm not going to have a NT server in the network, only workstations. in >fact right now ,i dont even have NT machine, but will get them next >week, and i wanted to check that this worked. doesnt seem to do so from >a sun using smbclient, and a win95 machine. both doesnt work, although >if i do smbclient -L sambaservername i get a list of shares etc, but the >user is "nobody". as myself, i cant use my unix password if i do >smbclient -L blue -U amol i get : > >"Session setup failed for username=amol myname=BLUE destname=BLUE >ERRSRV - ERRbadpw (Bad password - name/password pair in a Tree Connect >or Session Setup are invalid.)" Did you set the password for the account using smbpasswd? >does anyone know if there is a single document on the web which explain >how to set up samba as an NTdomain and password server, for idiots for >me? i dont even know at this stage if what i've written makes sense or >not...i'm lost. completely. It makes sense. Maybe I've been doing this too long ;) >unfortuntely i cant find one single document which explain all the steps >needs, clearly. this samba stuff seems to be meant for experienced >NT/network admins. Everything is changing so quickly it is hard to keep the docs up to date. It's a lot more fun to fix other things :) I have some suggestions from people about updating the FAQ and will try ot work on that tomorrow (famous last words). BTW...the NTDOM FAQ is linked off the main samba page (and mirrors) http://samba.anu.edu.au/samba j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From cartegw at Eng.Auburn.EDU Thu Oct 1 11:45:47 1998 From: cartegw at Eng.Auburn.EDU (Gerald W. Carter) Date: Tue Dec 2 02:24:30 2003 Subject: CVS code References: <199810010050.RAA10247@hpsdlz.sdd.hp.com> Message-ID: <36136B6B.85D6D1CF@eng.auburn.edu> Ken Stone wrote: > > and the INTERNAL ERROR: Signal 11 tends to make believe that its is > trying to dump core :-) .... I just can't find it if it is !! Make sure that 'limit coredumpsize 0' isn't set prior to running the smbd/nmbd process. Or whatever the equivalent is in the shell you're using. > And my client (win95) says "This device does not exist on the network" Is this for a printer or a disk share? There's some articles in the KB about problems with printers. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From tom.turpin at rptg.ryobi.com Thu Oct 1 12:45:05 1998 From: tom.turpin at rptg.ryobi.com (Tom Turpin) Date: Tue Dec 2 02:24:30 2003 Subject: Smbpasswd problem with NT Wst Message-ID: <1E3CD9E2453ED211A85C080009DCA6690A1595@RYOBI4> I had two workstations up and working. Their password entries in the smbpasswd file were identical. In the process of bringing a third machine onto the domain, I noticed that the new third machine Doppler did not have identical passwd entries. Subsequently, it does not log into the Samba PDC correctly complaining that it's computer account or computer password is incorrect. Any ideas people? I went back and deleted one of the two working machines from the smbpasswd file and tried to add it back with smbpasswd -a -m jordan. That now corrupts the passwords so that they are not identical and it won't login properly. Thomas B. Turpin Engineering/CAD Systems Administration Ryobi Motor Products Phone: (864) 878-6331 ext. 4166 Fax: (864) 898-4088 E-mail: tom.turpin@rptg.ryobi.com From harald at penti.sit.fi Thu Oct 1 13:11:25 1998 From: harald at penti.sit.fi (Harald H Hannelius) Date: Tue Dec 2 02:24:30 2003 Subject: BUG: File read error. Message-ID: I have a linux Slackware 3.X with kernel 2.0.35 and samba pre-alpha 2.0.0. I have cvs'ed the latest code 1 Oct 98, 14:00 EET-DST. I have gotten the pdc thing up with encrypted passwords, and domain logins. When i map a share and try to access any file on any share I get an error like 'Network access is denied' (NT4) or 'The device does not exist on the network, reading drive H',' Abort,Retry,Fail', 'Failed on INT 24 - filename' (win98) if i try a 'type filename' on the client. I have looked at the log.machinename, and discovered this: [1998/10/01 15:39:27, 1] smbd/service.c:make_connection(482) arcsrv1 (193.167.32.70) connect to service harald as user harald (uid=527, gi d=100) (pid 25847) [1998/10/01 15:39:44, 0] smbd/process.c:smbd_process(838) Reloading services after SIGHUP [1998/10/01 15:39:44, 0] param/loadparm.c:service_ok(1681) No path in service printers - using /tmp [1998/10/01 15:39:44, 0] smbd/filename.c:print_stat_cache_statistics(103) stat cache stats: lookups = 4, hits = 1, misses = 3, stat cache was 25.000000 % effective. [1998/10/01 15:39:44, 0] lib/fault.c:fault_report(40) =============================================================== [1998/10/01 15:39:44, 0] lib/fault.c:fault_report(41) INTERNAL ERROR: Signal 11 in pid 25847 (2.0.0-prealpha) Please read the file BUGS.txt in the distribution [1998/10/01 15:39:44, 0] lib/fault.c:fault_report(43) =============================================================== [1998/10/01 15:39:44, 0] lib/util.c:smb_panic(4079) PANIC: internal error This shurely looks like a bug to me, so I started to strace smbd, and came up with this: [pid 25682] stat("sun", {st_mode=S_IFREG|0644, st_size=29, ...}) = 0 [pid 25682] stat("./", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 [pid 25682] open("./", O_RDONLY) = 7 [pid 25682] fcntl(7, F_SETFD, FD_CLOEXEC) = 0 [pid 25682] brk(0x810e000) = 0x810e000 [pid 25682] SYS_141(0x7, 0x810b0f8, 0x1000, 0x7, 0x810b0d0) = 1172 [pid 25682] SYS_141(0x7, 0x810b0f8, 0x1000, 0x7, 0x810b0d0) = 1004 [pid 25682] SYS_141(0x7, 0x810b0f8, 0x1000, 0x7, 0x810b0d0) = 736 [pid 25682] SYS_141(0x7, 0x810b0f8, 0x1000, 0x7, 0x810b0d0) = 88 [pid 25682] SYS_141(0x7, 0x810b0f8, 0x1000, 0x7, 0x810b0d0) = 0 [pid 25682] close(7) = 0 [pid 25682] stat("./sun", {st_mode=S_IFREG|0644, st_size=29, ...}) = 0 [pid 25682] write(6, "\0\0\0\252\377SMB2\0\0\0\0\210A\0"..., 174) = 174 [pid 25682] select(7, [5 6], NULL, NULL, {10, 0}) = 1 (in [6], left {10, 0}) [pid 25682] read(6, "\0\0\0O", 4) = 4 [pid 25682] read(6, "\377SMB2\0\0\0\0\30\3\0\0\0\0\0\0"..., 79) = 79 [pid 25682] time(NULL) = 907244326 [pid 25682] stat("sun", {st_mode=S_IFREG|0644, st_size=29, ...}) = 0 [pid 25682] write(6, "\0\0\0b\377SMB2\0\0\0\0\210A\0\0"..., 102) = 102 [pid 25682] select(7, [5 6], NULL, NULL, {10, 0}) = 1 (in [6], left {10, 0}) [pid 25682] read(6, "\0\0\0X", 4) = 4 [pid 25682] read(6, "\377SMB\242\0\0\0\0\30\3\0f\200\0"..., 88) = 88 [pid 25682] time(NULL) = 907244326 [pid 25682] write(6, "\0\0\0#\377SMB\242\2\0\4\0\210\1"..., 39) = 39 [pid 25682] select(7, [5 6], NULL, NULL, {10, 0}) = 1 (in [6], left {10, 0}) [pid 25682] read(6, "\0\0\0U", 4) = 4 [pid 25682] read(6, "\377SMB2\0\0\0\0\30\3\0\0\0\0\0\0"..., 85) = 85 [pid 25682] time(NULL) = 907244326 [pid 25682] stat("DPATH/sun", 0xbfffeba8) = -1 ENOENT (No such file or director y) So, the smbd find the file 'sun', but when i request a read() it segfaults. Why? libc-5.4.44, gcc 2.7.2.3 Should I maybe try to compile the monster with egcs or something? btw, what is DPATH? I'm not that good at C... =========================================================== Harald H Hannelius | harald@sit.fi | GSM +358405470870 Mauritzgatan 14D41 | www.iki.fi/~harald | Pho +35892783568 00170 HKI FINLAND | harald@iki.fi | Fax +35892783568 =========================================================== From ken at sdd.hp.com Thu Oct 1 14:05:34 1998 From: ken at sdd.hp.com (Ken Stone) Date: Tue Dec 2 02:24:30 2003 Subject: CVS code In-Reply-To: Your message of Thu, 01 Oct 1998 06:45:47 -0500. <36136B6B.85D6D1CF@eng.auburn.edu> Message-ID: <199810011405.HAA27697@hpsdlz.sdd.hp.com> First all, thanks for the help ... but I have to say it ... ##### # # #### # # # # #### # # # # # # # # # # ##### #### # # # # #### # #### # # # # # # # # # # # #### # # # # # # # # # # # # # # #### ###### #### Old habits die hard :-) > Make sure that 'limit coredumpsize 0' isn't set prior to running > the smbd/nmbd process. Or whatever the equivalent is in the > shell you're using. All set there ... > > And my client (win95) says "This device does not exist on the network" > > Is this for a printer or a disk share? There's some articles in the KB > about problems with printers. Both ... share and printer ... same error message from multiple clients. I'll also try and NT4.0 client today and see what it does. Just FYI ... I rm -rf'd the source directory, did a cvs update again to fix all up and still see the same problem. -- Ken From icoupeau at unav.es Thu Oct 1 14:09:12 1998 From: icoupeau at unav.es (Ignacio Coupeau) Date: Tue Dec 2 02:24:30 2003 Subject: Smbpasswd problem with NT Wst References: <1E3CD9E2453ED211A85C080009DCA6690A1595@RYOBI4> Message-ID: <36138D08.D8330266@unav.es> Tom Turpin wrote: > > I had two workstations up and working. Their password entries in the > smbpasswd file were identical. In the process of bringing a third machine > onto the domain, I noticed that the new third machine Doppler did not have > identical passwd entries. Subsequently, it does not log into the Samba PDC > correctly complaining that it's computer account or computer password is > incorrect. Any ideas people? I went back and deleted one of the two > working machines from the smbpasswd file and tried to add it back with > smbpasswd -a -m jordan. That now corrupts the passwords so that they are > not identical and it won't login properly. > We have the same problem with the 09/26 prealpha version. The smbpasswd file was corrupted if: 1. a new user is added 2. a computer is added to domain replacing the bin/smpasswd with older one, solve the problem (1), but the problem (2) persists... the process for add a new machime uses similar code (routines) to smpasswd but perhaps no the smbpasswd... so, now we have the 09/23 version instead the 09/26. Previous to corrupt the entire file, the [W] or [U] fields in the smbpasswd lines sounds like: [W ] or [U ] (with spaces). Our smbpasswd file has 13.000 entries (420 machines plus 12580 users). ____________________________________________________ Ignacio Coupeau, Ph.D. e-mail: icoupeau@unav.es CTI, Director fax: +48 425619 University of Navarra voice: +48 425600 Pamplona, SPAIN http://www.unav.es/cti/ From aperrin at demog.Berkeley.EDU Thu Oct 1 15:20:21 1998 From: aperrin at demog.Berkeley.EDU (Andrew Perrin - Demography) Date: Tue Dec 2 02:24:31 2003 Subject: Smbpasswd problem with NT Wst In-Reply-To: <1E3CD9E2453ED211A85C080009DCA6690A1595@RYOBI4> Message-ID: Tom - my understanding of this is that the smbpasswd -a -m (machinename) changes the entry back to the ORIGINAL password for that machine; periodically, machines change their passwords with the PDC for security reasons. That's why re-joining the domain without re-smbpasswd'ing doesn't work, and (I expect) why re-smbpasswd'ing without re-joining doesn't work. You might find it useful to read through the archives of this list; it sounds like you're running into several problems others (including me!) have run into before. Best, Andy Perrin --------------------------------------------------------------------- Andrew J. Perrin - aperrin@demog.berkeley.edu - NT/Unix Admin/Support Department of Demography - University of California at Berkeley 2232 Piedmont Avenue #2120 - Berkeley, California, 94720-2120 USA http://demog.berkeley.edu/~aperrin --------------------------SEIU1199 On Thu, 1 Oct 1998, Tom Turpin wrote: > I had two workstations up and working. Their password entries in the > smbpasswd file were identical. In the process of bringing a third machine > onto the domain, I noticed that the new third machine Doppler did not have > identical passwd entries. Subsequently, it does not log into the Samba PDC > correctly complaining that it's computer account or computer password is > incorrect. Any ideas people? I went back and deleted one of the two > working machines from the smbpasswd file and tried to add it back with > smbpasswd -a -m jordan. That now corrupts the passwords so that they are > not identical and it won't login properly. > > Thomas B. Turpin > Engineering/CAD Systems Administration > Ryobi Motor Products > > Phone: (864) 878-6331 ext. 4166 > Fax: (864) 898-4088 > E-mail: tom.turpin@rptg.ryobi.com > > From lkcl at switchboard.net Thu Oct 1 15:21:42 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:31 2003 Subject: frustrated and lost In-Reply-To: Message-ID: On Thu, 1 Oct 1998, Andrew Perrin - Demography wrote: > I believe the proble you're having is that you haven't set your smb > password. Note that, because of NT's limitations, it's not (currently) > possible to authenticate NT logins (or, more accurately, SMB logins) via > the /etc/passwd file. (You can simulate this, I think, by using some of > the PAM modules, but I don't know anything about those). the PAM module you are referring to is pam_ntdom, and it requires either a samba server (which requires a ~/private/smbpasswd file) or an NT PDC (which requires the _equivalent_ of a private/smbpasswd file). in other words, you can't win: you _must_ use nt/lm 16 byte clear-text equivalent hashes. From jwelsch at gundaker.com Thu Oct 1 04:39:18 1998 From: jwelsch at gundaker.com (Jeff Welsch) Date: Tue Dec 2 02:24:31 2003 Subject: subscribe Message-ID: <36130776.BBC6FDF5@gundaker.com> subscribe please add me to the samba-ntdom mailing list. From shui at pointsnorth.com Thu Oct 1 15:48:32 1998 From: shui at pointsnorth.com (shui@pointsnorth.com) Date: Tue Dec 2 02:24:31 2003 Subject: HELP: How to enable domain logon from Windows NT workstation??? Message-ID: <87256690.0056CA52.00@yxepna01.pointsnorth.com> Hello Folks, I I'm in an urgent need to set up my Samba server to act as domain logon server for NT workstation and it'd be grateful if anyone could offer advise on how to do it. I'm currently running SambaV1.9.18p8 on a Solaris 2.6 box. I've set up domain logon for all Windows 98 clients and everything works fine. However, we've just installed a few PCs with Windows NT. My questions are: 1. Can SambaV1.9.18p8 support domain logon for NT workstations? If not, which version has this function? I browsed through the CVS archive and there are so many versions out there and I don't know which one is stable enought to use. 2. The current configuration on smb.conf for Windows 98 domain logon does not work for NT. On the NT workstation, I can "net use" the directories shared by Samba but I just can't logon using Samba password. I read from the FAQ saying that I need to add the NT workstation's machine name in the smbpasswd in order for domain logon to work. Is that a must? 2. Right now, I enable "passwd sync" on the samba server such that any password change issued from Windows 98 will cause the samba and Unix password to be changed. Can I do the same thing on NT? i.e. Issuing a network password change request on NT to change Samba and Unix password at the same time? I'm sure that a lot of people have already done the same thing to NT. Please, any feedback or pointer is greatly appreciated. Thank you all for your attention! Sandie From tom.turpin at rptg.ryobi.com Thu Oct 1 15:56:15 1998 From: tom.turpin at rptg.ryobi.com (Tom Turpin) Date: Tue Dec 2 02:24:31 2003 Subject: Smbpasswd problem with NT Wst Message-ID: <1E3CD9E2453ED211A85C080009DCA6690A1597@RYOBI4> Problem turned out to be that I had apparently killed and restarted the smbd after joining the domain but before NT rebooted. It is vital that you so smbpasswd -a -m then have the machine join the domain, then wait for it to reboot before you make any changes to the SMB Domain or restart the daemons. Thanks for the help. Maybe this could also be documented in the FAQ or docs. Thomas B. Turpin Engineering/CAD Systems Administration Ryobi Motor Products Phone: (864) 878-6331 ext. 4166 Fax: (864) 898-4088 E-mail: tom.turpin@rptg.ryobi.com > -----Original Message----- > From: Andrew Perrin - Demography [SMTP:aperrin@demog.Berkeley.EDU] > Sent: Thursday, October 01, 1998 11:20 AM > To: Tom Turpin > Cc: Multiple recipients of list > Subject: Re: Smbpasswd problem with NT Wst > > Tom - my understanding of this is that the smbpasswd -a -m (machinename) > changes the entry back to the ORIGINAL password for that machine; > periodically, machines change their passwords with the PDC for security > reasons. That's why re-joining the domain without re-smbpasswd'ing > doesn't work, and (I expect) why re-smbpasswd'ing without re-joining > doesn't work. > > You might find it useful to read through the archives of this list; it > sounds like you're running into several problems others (including me!) > have run into before. > > Best, > Andy Perrin > > --------------------------------------------------------------------- > Andrew J. Perrin - aperrin@demog.berkeley.edu - NT/Unix Admin/Support > Department of Demography - University of California at Berkeley > 2232 Piedmont Avenue #2120 - Berkeley, California, 94720-2120 USA > http://demog.berkeley.edu/~aperrin --------------------------SEIU1199 > > On Thu, 1 Oct 1998, Tom Turpin wrote: > > > I had two workstations up and working. Their password entries in the > > smbpasswd file were identical. In the process of bringing a third > machine > > onto the domain, I noticed that the new third machine Doppler did not > have > > identical passwd entries. Subsequently, it does not log into the Samba > PDC > > correctly complaining that it's computer account or computer password is > > incorrect. Any ideas people? I went back and deleted one of the two > > working machines from the smbpasswd file and tried to add it back with > > smbpasswd -a -m jordan. That now corrupts the passwords so that they > are > > not identical and it won't login properly. > > > > Thomas B. Turpin > > Engineering/CAD Systems Administration > > Ryobi Motor Products > > > > Phone: (864) 878-6331 ext. 4166 > > Fax: (864) 898-4088 > > E-mail: tom.turpin@rptg.ryobi.com > > > > > > From amol at memcad.com Thu Oct 1 16:05:11 1998 From: amol at memcad.com (Amol Karnik) Date: Tue Dec 2 02:24:31 2003 Subject: frustrated and lost References: <3.0.5.32.19980930202925.00901a00@pophost.eng.auburn.edu> Message-ID: <3613A837.E140F03C@memcad.com> ok i'm getting closer to setting samba as a PDC on a sun machine now...thanks to all, for your patience and understanding...its tough stuff you know, especially when i have no idea what i'm doing. now, i have security = server, password server = sambaserverhostname and encrypt passwords turned off. i'm testing everything using smbclient on the same machine ( the samba server ) i can do for eg, smbclient '\\blue\tmp' and it asks me for my passwd and puts me in /tmp .. i can do this for some users, and not for others.... whats going on here? of the users i can do this for, i had specifically run smbpasswd to change the passwd in the private/smbpasswd file. for one, the fields are still XXX's. the same as when i ran mksmbpasswd on the /etc/passwd file. these all work ok... so that means that a smbpasswd doesnt need to be run. now for one user, it just wont log him in. i tried leaving the smpasswd entry intact ( all XXXXX's) and also by running smbpasswd and changing the password. from the logs i gathered that there were some lines which said ================================================ [1998/10/01 11:45:31, 3] libsmb/namequery.c:(481) resolve_name: Attempting lmhosts lookup for name BLUE [1998/10/01 11:45:31, 4] libsmb/namequery.c:(317) startlmhosts: Can't open lmhosts file /usr/local/samba/lib/lmhosts. Error was No such file or directory [1998/10/01 11:45:31, 3] libsmb/namequery.c:(464) resolve_name: Attempting host lookup for name BLUE [1998/10/01 11:45:31, 1] smbd/password.c:(947) Password server loop - disabling password server BLUE [1998/10/01 11:45:31, 0] smbd/password.c:(959) password server not available [1998/10/01 11:45:31, 3] smbd/negprot.c:(409) Selected protocol NT LANMAN 1.0 [1998/10/01 11:45:31, 5] smbd/negprot.c:(416) negprot index=7 [1998/10/01 11:45:31, 5] lib/util.c:(955) ============================================== this doesnt happen to other users. i tried logging on from a win95 machine and it let me login ok ,and when i browsed over to the samba server, it had automatically given me my home dir. it doesnt do it for this one person however. any clues folks? regards, amol From jallison at cthulhu.engr.sgi.com Thu Oct 1 17:12:10 1998 From: jallison at cthulhu.engr.sgi.com (Jeremy Allison) Date: Tue Dec 2 02:24:31 2003 Subject: Smbpasswd problem with NT Wst References: <1E3CD9E2453ED211A85C080009DCA6690A1595@RYOBI4> <36138D08.D8330266@unav.es> Message-ID: <3613B7EA.F858E0@engr.sgi.com> Ignacio Coupeau wrote: > We have the same problem with the 09/26 prealpha version. The smbpasswd > file was corrupted if: > 1. a new user is added > 2. a computer is added to domain > Oh damn. I recently added a patch to widen the fields in the smbpasswd file to allow easier maintenance. I thought I'd got the code so that it wouldn't overwrite older style entries with the smaller [U] or [W] fields. Newer entries would be added with the spaces. Could someone try the latest CVS code and test if the two cases above are breaking the code that parses the smbpasswd file ? In my tests everything seems to work ok. Regards, Jeremy Allison, Samba Team. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From cartegw at Eng.Auburn.EDU Thu Oct 1 17:54:07 1998 From: cartegw at Eng.Auburn.EDU (Gerald W. Carter) Date: Tue Dec 2 02:24:31 2003 Subject: Smbpasswd problem with NT Wst References: Message-ID: <3613C1BF.D33F2B09@eng.auburn.edu> Andrew Perrin - Demography wrote: > > Tom - my understanding of this is that the smbpasswd -a -m (machinename) > changes the entry back to the ORIGINAL password for that machine; > periodically, machines change their passwords with the PDC for security > reasons. That's why re-joining the domain without re-smbpasswd'ing > doesn't work, and (I expect) why re-smbpasswd'ing without re-joining > doesn't work. Andrew is correct. smbpasswd -a -m create the LMHASH and NTHASH entries. Once the machine jjoins the domain it will change the machine password and **both** fields will be the NTHASH. There have been some reports of problems with the smbpasswd command (one or two) but have not been worked out yet or reproduced. So i'm not sure what to say about that. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From tom.turpin at rptg.ryobi.com Thu Oct 1 17:58:33 1998 From: tom.turpin at rptg.ryobi.com (Tom Turpin) Date: Tue Dec 2 02:24:31 2003 Subject: Emergency: Unable to take ownership of files Message-ID: <1E3CD9E2453ED211A85C080009DCA6690A1598@RYOBI4> I have moved one user over to this new CAD domain. He needs to take possession of his files that he had in the RDOMAIN. Is it possible? If so, how? The owner of the file shows as Machine\Administrators and gives the following error: Unable to take ownership because the account "CAD\00000413" could not be accessed on the remote machine due to the following error: The account could not be found. I have solve this one ASAP. Thomas B. Turpin Engineering/CAD Systems Administration Ryobi Motor Products Phone: (864) 878-6331 ext. 4166 Fax: (864) 898-4088 E-mail: tom.turpin@rptg.ryobi.com From cartegw at Eng.Auburn.EDU Thu Oct 1 18:02:59 1998 From: cartegw at Eng.Auburn.EDU (Gerald W. Carter) Date: Tue Dec 2 02:24:31 2003 Subject: Emergency: Unable to take ownership of files References: <1E3CD9E2453ED211A85C080009DCA6690A1598@RYOBI4> Message-ID: <3613C3D3.9C1C7AB@eng.auburn.edu> Tom Turpin wrote: > > I have moved one user over to this new CAD domain. He needs to take > possession of his files that he had in the RDOMAIN. Is it possible? If so, > how? The owner of the file shows as Machine\Administrators and gives the > following error: > > Unable to take ownership because the account "CAD\00000413" could > not be accessed on the remote machine due to the following error: > The account could not be found. > > I have solve this one ASAP. You can try updateng the source. Luke has just introduced some new functions ( lsalookupsid() ), or you can make the user copy the files to a samba share where you can configure ownership on the unix side of things. Sorry but this is one area where the code is almost there but still a few things to figure out.:\ j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From joseph.dries at lmco.com Thu Oct 1 19:11:36 1998 From: joseph.dries at lmco.com (Dries, Joseph) Date: Tue Dec 2 02:24:31 2003 Subject: Samba NT Authentication Security Question Message-ID: All- I have an issue that just surfaced with our Network Appliance Filer, and since it's so similar to Samba, I had to start asking myself the question regarding samba. Since I couldn't come up with a good enough answer here, or in the ml-archive, I'm asking here. The situation is regarding NT account authentication to UNIX boxes using /etc/smbusers (/etc/usermap.cfg on NetApp filer). The problem on the NetApp is as follows: It uses the /etc/usermap.cfg to map NT account names to UNIX account names (for uid permissions on the fs, etc.) In this configuration, it is similar to running Samba in "security = domain", "password server = ntpdc" mode, which is exactly how I have samba configured. However, when sharing out the CIFS.home_dir option, the NetApp filer uses the NT account name to match the home directory, not the mapped UNIX account name. Very inconsistent, both with the security scheme and the documentation. That aside, their comment was that any directory that matches the NT account name, and has access via the UNIX account name will work with the CIFS.home_dir option. On the NetApp filer's /etc/usermap.cfg file you can map ntuser to uuser, or DOMAIN\ntuser to uuser. This flexibility of specifying a specific domain account to UNIX user is infinitely more flexible and secure than the current Samba scheme, where it just matches name for name, or name listed in the /etc/smbusers. I was told previously on this list that this feature might make it into Samba 2.x. I hope it does. The problem, if not immediately obvious, is this: If the domain that the NetApp filer and Samba servers reside trust other domains; any account in those trusted domains that matches the UNIX account will immediately gain access to the UNIX fs files. This isn't necessarily (and in the case of my company's situation, definitely not) what is wanted. The question, after all that background is: Is/will there be a way to explicitly restrict access and authentication to Samba servers to those accounts listed in the /etc/smbusers file? Hopefully that will be coupled with the DOMAIN\ntuser definition/syntax, allowing me to do the following: Samba server is in RES domain. There exists a juser in RES domain. There is a juser in the ACCT1 domain, and a jquser in ACCT4 domain. The NT user that should be mapped to the UNIX juser is ACCT4\jquser. That currently works, via /etc/smbusers, but if RES\juser and ACCT1\juser tried to open the Samba server, they too would have access to everything owned by ACCT4\jquser. Hopefully if there was an option for explicitly defined users, every share that did not allow guests would only allow those users, as mapped and defined in /etc/smbusers, to authenticate and access those shares. As it is now, with Samba, all three accounts can access those files. (With the Network Appliance, believe it or not, all three accounts would have access to files owned by the UNIX account juser, but for ACCT4\jquser, no home share would be available since the NT name does not match the UNIX fs mount point.) Am I missing something? Is something in the works for a future alpha/beta release? Or is my situation so unique that this doesn't require addressing? Thanks, -j -- Joseph F. Dries III Lockheed Martin / EIS Government Electronic Systems / IT&P Advanced Technology/OS Group mailto:joseph.dries@lmco.com From thwartedefforts at wonky.org Thu Oct 1 20:01:12 1998 From: thwartedefforts at wonky.org (thwartedefforts@wonky.org) Date: Tue Dec 2 02:24:31 2003 Subject: cvs 980930 problem with NT password server Message-ID: <19981001200112.6775.cpmta@fillmore.criticalpath.net> Using source from 98-09-30, I get the following in the logs (debug level = 1, unfortunately I had to revert to a previous version because folks decided they wanted to use the system all of a sudden; if necessary, I'll get a better log file, let me know): [1998/10/01 15:05:32, 1] smbd/password.c:server_cryptkey(976) MERCURY.REAC.COM rejected the session [1998/10/01 15:05:34, 1] smbd/password.c:server_validate(1012) password server is not connected [1998/10/01 15:05:34, 0] smbd/reply.c:reply_sesssetup_and_X(655) NT Password did not match ! Defaulting to Lanman [1998/10/01 15:05:39, 1] smbd/password.c:server_cryptkey(976) MERCURY.REAC.COM rejected the session [1998/10/01 15:05:41, 1] smbd/password.c:server_validate(1012) password server is not connected [1998/10/01 15:05:41, 0] smbd/reply.c:reply_sesssetup_and_X(655) NT Password did not match ! Defaulting to Lanman [1998/10/01 15:10:39, 1] smbd/password.c:server_cryptkey(976) MERCURY.REAC.COM rejected the session [1998/10/01 15:10:41, 1] smbd/password.c:server_validate(1012) password server is not connected [1998/10/01 15:10:41, 0] smbd/reply.c:reply_sesssetup_and_X(655) NT Password did not match ! Defaulting to Lanman The previous version I was using was from cvs 98-09-09 and worked perfectly. Here are the revelant portions of my conf file, which did not change between the versions: security = server password server = mercury.reac.com username map = /etc/smb.usermap workgroup = REAC encrypt passwords = yes The exact setup is kind of interesting. I have one samba server sitting on a Linux RH5.1 box named jupiter. It is net bios aliased as uranus also. Using includes, if the machine is accessed as uranus, then it uses the security = server and workgroup = REAC as above. If it's accessed as jupiter, it's a domain controller for the domain REACNET (this has caused some oddities with browsing, but that's far down on my list of things to worry about :) ). Essentially, uranus uses a password server, and jupiter does password auth (and domain logons) itself. This strangeness is to ease the transition to a pure samba controlled domain (does anyone else have something similar setup?). With the cvs 98-09-30, when NT clients (and smbclient) access uranus, it always outputs, into the log, the log clip from above and access through the uranus alias is always denied. I'm using the same command line and options when using smbclient with the cvs 98-09-09 build and the cvs 98-09-30 build. As jupiter, it's fine. All the NT machines, the clients and the NT Server mercury, are SP3. After reverting to the 09-09 code, it goes back to working. Event log on mercury shows successful logins from jupiter when I run smbclient, but it also shows failed logons (could be because smbclient is trying different kinds of mixed case) this is the same for both versions of the code. Seeing as how it's already a day later though, this may be fixed, so I'll download and give another try. :) I notice that some people say they are using version 2.0.0-alpha8 or something like that of samba. Where is that 8 coming from? I'm not all that well versed in cvs, so I may be missing some label or something in the download. Andy Bakun. thwartedefforts@wonky.org From lkcl at switchboard.net Thu Oct 1 21:12:46 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:31 2003 Subject: Samba NT Authentication Security Question In-Reply-To: Message-ID: joseph, oct 12th several of the samba team members will be at the cifs conference. for that entire week, there is an "interop" lab. netapp will be there: there are 15 cifs vendors in total at the interop. issues like the one you have raised i am looking forward to bashing out with everyone there, netapp and samba team and others. luke From eric at snowmoon.com Thu Oct 1 23:16:57 1998 From: eric at snowmoon.com (Eric Warnke) Date: Tue Dec 2 02:24:31 2003 Subject: Samba NT Authentication Security Question Message-ID: <001901bded91$9ae56e50$0200000a@lorax.insidenet> >issues like the one you have raised i am looking forward to bashing out >with everyone there, netapp and samba team and others. I would watch that on Pay-Per-View... :) -Eric From eparis at ven.ra.rockwell.com Fri Oct 2 04:12:25 1998 From: eparis at ven.ra.rockwell.com (Eloy A. Paris) Date: Tue Dec 2 02:24:31 2003 Subject: Jeremy: your mail is bouncing Message-ID: Jeremy: Your mail is bouncing: Returned mail: /usr/people/jallison/.forward: line 1: "|/usr/sbin/vacation jallison"... User jallison@legion.engr.sgi.com doesn't have a valid shell for mailing to programs Please see below my original message as I think there is something wrong in the latest changes to smbpass.c. Eloy.- ---------- Forwarded message ---------- Date: Thu, 1 Oct 1998 15:16:20 -0700 (PDT) From: Mail Delivery Subsystem To: eparis@ven.ra.rockwell.com Subject: Returned mail: /usr/people/jallison/.forward: line 1: "|/usr/sbin/vacation jallison"... User jallison@legion.engr.sgi.com doesn't have a valid shell for mailing to programs The original message was received at Thu, 1 Oct 1998 15:16:08 -0700 (PDT) from cthulhu.engr.sgi.com [192.26.80.2] ----- The following addresses had permanent fatal errors ----- "|/usr/sbin/vacation jallison" (expanded from: ) ----- Transcript of session follows ----- 550 /usr/people/jallison/.forward: line 1: "|/usr/sbin/vacation jallison"... User jallison@legion.engr.sgi.com doesn't have a valid shell for mailing to programs ----- Original message follows ----- Received: from cthulhu.engr.sgi.com (cthulhu.engr.sgi.com [192.26.80.2]) by legion.engr.sgi.com (980427.SGI.8.8.8/970903.SGI.AUTOCF) via ESMTP id PAA61889 for ; Thu, 1 Oct 1998 15:16:08 -0700 (PDT) Return-Path: Received: from sgi.sgi.com (sgi.engr.sgi.com [192.26.80.37]) by cthulhu.engr.sgi.com (980427.SGI.8.8.8/970903.SGI.AUTOCF) via ESMTP id PAA44567 for ; Thu, 1 Oct 1998 15:16:07 -0700 (PDT) mail_from (eparis@ven.ra.rockwell.com) Received: from extfw.mke.ra.rockwell.com (extfw.mke.ra.rockwell.com [192.94.123.11]) by sgi.sgi.com (980327.SGI.8.8.8-aspam/980304.SGI-aspam: SGI does not authorize the use of its proprietary systems or networks for unsolicited or bulk email from the Internet.) via ESMTP id PAA03108 for ; Thu, 1 Oct 1998 15:16:05 -0700 (PDT) mail_from (eparis@ven.ra.rockwell.com) Received: (from uucp@localhost) by extfw.mke.ra.rockwell.com (8.9.1/8.9.1) id RAA16325 for ; Thu, 1 Oct 1998 17:16:04 -0500 (CDT) Received: from relay1.ra.rockwell.com(130.151.103.32) by extfw.mke.ra.rockwell.com via smap (3.2) id xma006994; Thu, 1 Oct 98 15:15:38 -0500 Received: from zeus.ven.ra.rockwell.com (eparis@zeus.ven.ra.rockwell.com [130.151.17.154]) by relay1.ra.rockwell.com (8.8.6/8.8.6) with ESMTP id PAA29649 for ; Thu, 1 Oct 1998 15:14:00 -0500 (CDT) Received: (from eparis@localhost) by zeus.ven.ra.rockwell.com (8.8.8/8.8.8/Debian/GNU) id QAA23232 for jallison@cthulhu.engr.sgi.com; Thu, 1 Oct 1998 16:12:11 -0400 Date: Thu, 1 Oct 1998 16:12:11 -0400 From: "Eloy A. Paris" Message-Id: <199810012012.QAA23232@zeus.ven.ra.rockwell.com> To: jallison@cthulhu.engr.sgi.com Subject: Re: Smbpasswd problem with NT Wst X-Newsgroups: lists.samba-ntdom In-Reply-To: <1E3CD9E2453ED211A85C080009DCA6690A1595@RYOBI4> <3613B7EA.F858E0@engr.sgi.com> User-Agent: tin/pre-1.4-980226 (UNIX) (Linux/2.0.35 (i686)) Hi Jeremy, In article <3613B7EA.F858E0@engr.sgi.com> you wrote: > Oh damn. I recently added a patch to widen the fields > in the smbpasswd file to allow easier maintenance. Yup, I noticed the change. > I thought I'd got the code so that it wouldn't overwrite > older style entries with the smaller [U] or [W] fields. I am not sure about this. I got the "mod_smbfilepwd_entry: check fail on file /etc/samba/smbpasswd." message when I had the old smbpasswd format. But... I would not worry because the format was so old that it dated back to when I created my smbpasswd out of my /etc/passwd (so fields like shell, home directory, etc. where in there). Since I had that problem and my smbpasswd is very small (I am the only one testing this stuff here) I created it from scratch, in the new format. > Newer entries would be added with the spaces. Yup, that's working fine. > Could someone try the latest CVS code and test if > the two cases above are breaking the code that parses > the smbpasswd file ? > > In my tests everything seems to work ok. You know, I am seeing something strange. When parsing the smbpasswd file, mod_smbfilepwd_entry is failing on a sanity test: [1998/10/01 14:22:37, 0] passdb/smbpass.c:mod_smbfilepwd_entry(921) mod_smbfilepwd_entry: read fail on file /etc/samba/smbpasswd. [1998/10/01 14:22:37, 0] passdb/smbpass.c:mod_smbfilepwd_entry(922) mod_smbfilepwd_entry: count=96, wr_len=99 [1998/10/01 14:22:37, 0] passdb/smbpass.c:mod_smbfilepwd_entry(923) mod_smbfilepwd_entry: linebuf:":" "A" "3" "4" "C" "C" "D" "E" "4" "3" "B" "0" "E" "5" "2" "F" "B" "A" "A" "D" "3" "B" "4" "3" "5" "B" "5" "1" "4" "0" "4" "E" "E" ":" "C" "2" "C" "B" "0" "9" "8" "A" "6" "F" "A" "9" "F" "6" "8" "2" "8" "5" "2" "3" "E" "8" "E" "D" "7" "7" "1" "0" "A" "8" "A" "2" ":" "[" "W" " " " " " " " " " " " " " " " " " " " " "]" ":" "L" "C" "T" "-" "3" "6" "1" "3" "B" "8" "F" "8" ":" "\r" "\r" As you see I added some debugging code. I haven't found what's wrong, though. My smbpasswd file is this: --- begin --- # # SMB password file. # jam$:2001:71695E9103354E6FAAD3B435B51404EE:D0716B70B62486C2BA4A6AC725A21C83:[W ]:LCT-36125F33: eparis:1000:8C76DB020E4521271AA818381E4E281B:0DFC4E0A35A8F5A87CCFB46F1A82264E:[U ]:LCT-3613A359: peloy:1080:8C76DB020E4521271AA818381E4E281B:0DFC4E0A35A8F5A87CCFB46F1A82264E:[U ]:LCT-3613B8E9: chapu$:2000:A34CCDE43B0E52FBAAD3B435B51404EE:C2CB098A6FA9F6828523E8ED7710A8A2:[W ]:LCT-3613B8F8: --- end As you see, the problem happens when parsing the last line (the one for chapu$). I can login into the Samba PDC from the Chapu workstation, though. So I don't know what are the effects of this failed test. Can you see what's wrong just with this I've told you? Bye for now. Eloy.- From eparis at ven.ra.rockwell.com Fri Oct 2 10:21:47 1998 From: eparis at ven.ra.rockwell.com (Eloy A. Paris) Date: Tue Dec 2 02:24:31 2003 Subject: Jeremy: your mail is bouncing In-Reply-To: Message-ID: Hi Anders, On Fri, 2 Oct 1998, Anders Blomdell wrote: > Hi, > > Your debugging output looks peculiar: > > >You know, I am seeing something strange. When parsing the smbpasswd > >file, mod_smbfilepwd_entry is failing on a sanity test: [...] > >"8" ":" "\r" "\r" > \r's should not be in the file at all; could it be that you have edited the > file with some PC editor that has added CRLF's to the file? > On the other hand maybe the could should treat \r's and \n's as equivalent? > Get rid of the \r's and try again. Opppssss!!! I should have explained this :-) The debug code had a DEBUG(... "%c", linubuf[i] ...)). So, Carriage Return (ASCII 0xa) look like this when printed as %c: .... "8" ":" " " " " So, I manually "re-touched" these to make them look like "\r" :-) The smbpasswd file was created by the smbpasswd command and in some cases edited with vi. See ya! Eloy.- From icoupeau at unav.es Fri Oct 2 12:53:52 1998 From: icoupeau at unav.es (Ignacio Coupeau) Date: Tue Dec 2 02:24:31 2003 Subject: Smbpasswd problem with NT Wst References: <1E3CD9E2453ED211A85C080009DCA6690A1595@RYOBI4> <36138D08.D8330266@unav.es> <3613B7EA.F858E0@engr.sgi.com> Message-ID: <3614CCE0.133259A8@unav.es> Jeremy Allison wrote: > > Ignacio Coupeau wrote: > > > We have the same problem with the 09/26 prealpha version. The smbpasswd > > file was corrupted if: > > 1. a new user is added > > 2. a computer is added to domain > > > > Oh damn. I recently added a patch to widen the fields > in the smbpasswd file to allow easier maintenance. > > I thought I'd got the code so that it wouldn't overwrite > older style entries with the smaller [U] or [W] fields. > > Newer entries would be added with the spaces. > > Could someone try the latest CVS code and test if > the two cases above are breaking the code that parses > the smbpasswd file ? We are testing the 091001 CVS version in a Pentium with linux (kernel 2.1.118) We added some machines/users and attach/detach to/from domain several WS and the smbpasswd file looks this: [root@pdc1 private]# tail -f smbpasswd G16$:1016:97413AB7F658E674AAD3B435B51404EE:4A8B94306E8B54215D18B19FA059E39E:[W ]:LCT-3614CB94: G17$:1017:4E9113B7583B720EAAD3B435B51404EE:6150239BA41A2E12F37B7E286F25A9BA:[W ]:LCT-3614CB97: G18$:1018:89D6E7FF3B2DB92CAAD3B435B51404EE:005F41052114E3070218ACCB168E26C1:[W ]:LCT-3614CB99: G19$:1019:6E0C2B822C2AD96AAAD3B435B51404EE:3CD971BA0E9C8BA64BF95DE5887BEBA6:[W ]:LCT-3614CB9C: this version don't corrupts the smbpasswd file. Thanks, Ignacio ____________________________________________________ Ignacio Coupeau, Ph.D. e-mail: icoupeau@unav.es CTI, Director fax: +48 425619 University of Navarra voice: +48 425600 Pamplona, SPAIN http://www.unav.es/cti/ From monica at qmaster.com Thu Oct 1 22:11:20 1998 From: monica at qmaster.com (Monica Lillico) Date: Tue Dec 2 02:24:31 2003 Subject: Sharing printers via Win95 and NT4.0 Message-ID: <3613FE04.AF67ADB4@qmaster.com> Currently, I am attempting to share out my printers using Samba 1.9.18p10 on hp735 (hpux version 10). I am able to access the printers from Windows 95 and download the drivers to those machines, but I am unable to do so with Windows NT 4.0. The documentation stated that it was only compatible with Windows 95 at that time. Has there been any progress made for compatibility with NT 4.0? Also, when I go to install the printer on a Win95 machine, I get to the point where it's going to pick the correct driver and it presents me with a list of drivers as opposed to automatically downloading/copying the drivers. It will copy the correct drivers when I put \\hp735\printer$ as the location, though... Any help would be greatly appreciated! Monica. -- _______________________________________________________ Monica Lillico QMaster Software Solutions Inc. Technical Analyst Suite 1730 - 840 - 7th Ave. SW Calgary, AB T2P 3G2 Phone (403) 264-8322 monica@qmaster.com 1-800-337-1872 http://www.qmaster.com Fax (403) 265-5307 _______________________________________________________ From aperrin at demog.Berkeley.EDU Fri Oct 2 15:22:04 1998 From: aperrin at demog.Berkeley.EDU (Andrew Perrin - Demography) Date: Tue Dec 2 02:24:31 2003 Subject: Sharing printers via Win95 and NT4.0 In-Reply-To: <3613FE04.AF67ADB4@qmaster.com> Message-ID: You should post this question to the general samba list if you're using 18p10 - this list is only for discussion of the NT Domain functionality in 2.0 alpha versions. --------------------------------------------------------------------- Andrew J. Perrin - aperrin@demog.berkeley.edu - NT/Unix Admin/Support Department of Demography - University of California at Berkeley 2232 Piedmont Avenue #2120 - Berkeley, California, 94720-2120 USA http://demog.berkeley.edu/~aperrin --------------------------SEIU1199 On Sat, 3 Oct 1998, Monica Lillico wrote: > Currently, I am attempting to share out my printers using Samba > 1.9.18p10 on hp735 (hpux version 10). I am able to access the printers > from Windows 95 and download the drivers to those machines, but I am > unable to do so with Windows NT 4.0. The documentation stated that it > was only compatible with Windows 95 at that time. > > Has there been any progress made for compatibility with NT 4.0? > > Also, when I go to install the printer on a Win95 machine, I get to the > point where it's going to pick the correct driver and it presents me > with a list of drivers as opposed to automatically downloading/copying > the drivers. It will copy the correct drivers when I put > \\hp735\printer$ as the location, though... > > Any help would be greatly appreciated! > > Monica. > > -- > _______________________________________________________ > > Monica Lillico QMaster Software Solutions Inc. > Technical Analyst Suite 1730 - 840 - 7th Ave. SW > Calgary, AB T2P 3G2 > Phone (403) 264-8322 > monica@qmaster.com 1-800-337-1872 > http://www.qmaster.com Fax (403) 265-5307 > _______________________________________________________ > > From cartegw at Eng.Auburn.EDU Fri Oct 2 16:30:57 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:31 2003 Subject: Sharing printers via Win95 and NT4.0 References: <3613FE04.AF67ADB4@qmaster.com> Message-ID: <3614FFC1.7A9DF17F@eng.auburn.edu> Monica Lillico wrote: > > Currently, I am attempting to share out my printers using Samba > 1.9.18p10 on hp735 (hpux version 10). I am able to access the > printers from Windows 95 and download the drivers to > those machines, but I am unable to do so with Windows NT 4.0. > The documentation stated that it was only compatible with > Windows 95 at that time. > Has there been any progress made for compatibility with NT 4.0? Jean-Francois Micouleau is working on the \PIPE\spoolss support. Note that any of the DEC/RPC support for NT is only being implemented in Samba-2.0.0-prealpha at the moment. Questions related to Win95 or 1.9.18p10 (or below) will get a better response on the main samba mailing list. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From trep at ursula.dem.qc.ca Fri Oct 2 18:24:23 1998 From: trep at ursula.dem.qc.ca (Pierre-Jules Tremblay) Date: Tue Dec 2 02:24:31 2003 Subject: ksh UWIN 1.6 and samba shares problem Message-ID: <199810021824.OAA05868@ursula.dem.qc.ca> A non-text attachment was scrubbed... Name: not available Type: text Size: 1941 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/19981002/fd06ca38/attachment.bat From cartegw at Eng.Auburn.EDU Fri Oct 2 19:42:01 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:31 2003 Subject: ksh UWIN 1.6 and samba shares problem References: <199810021824.OAA05868@ursula.dem.qc.ca> Message-ID: <36152C89.B2112EEE@eng.auburn.edu> Pierre-Jules Tremblay wrote: > > So far I've had no feedback one way or the other. Sorry 'bout that. > This causes me to wonder: how come the client initiates the > transaction with a different call (open_and_X vs ntcreate_and_X) ? Is > there something in the protocol/dialect negotiation that tells the > client which one to use? There wasn't anything in the NETMON trace > that lead me to believe so. Jeremy's introduced support for the NT smb commands a while back. There is a falg in the negotian packet that says whether or not the server supports NT SMB's. > Any information you guys could provide on what I should be looking for > would be much appreciated. Question : The CAP file for the 'ls' that works was against a Samba 2.0 server or against an NT server? Can get you a successful trace from an NT Server? j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From cartegw at Eng.Auburn.EDU Fri Oct 2 20:42:43 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:31 2003 Subject: ksh UWIN 1.6 and samba shares problem References: <199810021824.OAA05868@ursula.dem.qc.ca> Message-ID: <36153AC3.9554DA29@eng.auburn.edu> Hmmm.... I cc'd this to samba-technical. The original message follows my signature. Here's what I have noticed. Prior to NT SMB support - The client would send an TRANS2_QUERY_FS_INFORMATION with the information level set to 0x02 - The samba server would respond correctly. - The client would send a TRANS_QUERY_PATH_INFORMATION... Against a samba server with NT SMB's - The client would send an TRANS2_QUERY_FS_INFORMATION with the information level set to 0x0102 - The samba server responds [but the response leaves out the Volumne length and not volume string?] - The client sends a TRANS2_QUERY_FILE_INFORMATION - The samba server replies with an INVALID_HANDLE Here's my question.... Looking at the code, the SMB_QUERY_FS_VOLUME_INFO code was what was changed to support autorun right? Did this break something else possibly? I'm still looking but if someone thinks of something, let me know. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) ===================================================================== Hi again, I decided to dig into the ksh-UWIN problem myself, and so far I've only been able to narrow it down a bit. I would really appreciate some help on this one, or at least a definite "no, we can't work on this now, sorry". So far I've had no feedback one way or the other. Once again, the problem is triggered from ksh (UWIN version 1.6) when trying to list a directory located on a samba-served mapped network drive (UNCs are also a problem). It seems that with smbd as of July 1st, 1998 the transaction consists of an open_and_X call, initiated by the client (NT4 SP3), then a nttrans2(findfirst/findnext). With the latest cvs'ed smbd, the transaction is initiated with an ntcreate_and_X on the directory. What seems weird to me is that samba replies to the ntcreate_and_X with an apparently valid FID, but on the next transaction (findfirst) it returns a "DOS ERROR 6, Invalid Handle" message (as seen with NETMON). In the case of the latest samba, the client never gets to the findnext request. This causes me to wonder: how come the client initiates the transaction with a different call (open_and_X vs ntcreate_and_X) ? Is there something in the protocol/dialect negotiation that tells the client which one to use? There wasn't anything in the NETMON trace that lead me to believe so. An important note: so far, while listing directories fails, accessing other files within the share is no problem (e.g. using tail on one of the files works just fine). Moreover, exec'ing directories must partially work, since I can access files that are in subdirectories of the mapped network drive. I still can list those subdirectories, however, and I cannot cd to them. Any information you guys could provide on what I should be looking for would be much appreciated. Thanks Pierre P.S. I have level-10 logs, level-100 logs, NETMON traces, all of which were uploaded to ftp://samba.anu.edu.au/pub/upload a while back. From cartegw at Eng.Auburn.EDU Fri Oct 2 20:59:45 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:31 2003 Subject: ksh UWIN 1.6 and samba shares problem References: <199810021824.OAA05868@ursula.dem.qc.ca> Message-ID: <36153EC0.8F67B334@eng.auburn.edu> Pierre-Jules Tremblay wrote: > > Once again, the problem is triggered from ksh (UWIN version 1.6) when > trying to list a directory located on a samba-served mapped network > drive (UNCs are also a problem). It seems that with smbd as of July > 1st, 1998 the transaction consists of an open_and_X call, initiated by > the client (NT4 SP3), then a nttrans2(findfirst/findnext). With the > latest cvs'ed smbd, the transaction is initiated with an > ntcreate_and_X on the directory. What seems weird to me is that samba > replies to the ntcreate_and_X with an apparently valid FID, but on the > next transaction (findfirst) it returns a "DOS ERROR 6, Invalid > Handle" message (as seen with NETMON). In the case of the latest > samba, the client never gets to the findnext request. Does this work from a win95 client? j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From dkrovich at wvu.edu Fri Oct 2 21:00:42 1998 From: dkrovich at wvu.edu (dkrovich@wvu.edu) Date: Tue Dec 2 02:24:31 2003 Subject: smbpasswd Message-ID: First off, let me say I'm running the lastest CVS update. I just did one on October 2, at around 3pm... Anyways, I'm having a problem with smbpasswd. When I use it to change a users password, It adds a D character to the fifth field, which seems to disable the account. I can manually edit the file, and delete the D and everything seems to work fine. Here is a sample before I run smbpasswd: jrandom:2000:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[U ]:LCT-00000000:John Random And after I run smbpasswd: jrandom:2000:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[DU ]:LCT-00000000:John Random (I intentionally left the password fields blank for obvious reasons. Is there a fix, or is something heiniously weird happening on my system? From svedja at lysator.liu.se Fri Oct 2 22:05:05 1998 From: svedja at lysator.liu.se (Dejan Ilic) Date: Tue Dec 2 02:24:31 2003 Subject: Return of quota-support soon ? Message-ID: Is there anybody making an effort in returning the quotas into the Samba-2.0x code ? I would like to join the effort as I hav? a great need for it. I see that some code is there (probably from 1.9 code) but completly deactivated, not just in the configuration code. From shui at pointsnorth.com Fri Oct 2 23:15:58 1998 From: shui at pointsnorth.com (shui@pointsnorth.com) Date: Tue Dec 2 02:24:31 2003 Subject: Frustration! Help! Message-ID: <87256691.007F285B.00@yxepna01.pointsnorth.com> Hi all, Since I'm in desperate need to set up the Samba server to allow NT domain logon, I decided to download the latest version of samba (Samba V2.0alphaX) from CVS on Oct 2. I did the configure and run make to start compiling the files. However, towards the end of the compilation, the process died and returned with the following error message: Compiling rpcclient/rpcclient.c rpcclient/rpcclient.c:110: `cmd_srv_query_info' undeclared here (not in a function) rpcclient/rpcclient.c:110: initializer element for `commands[1].fn' is not constant rpcclient/rpcclient.c:111: `cmd_srv_enum_sess' undeclared here (not in a function) rpcclient/rpcclient.c:111: initializer element for `commands[2].fn' is not constant rpcclient/rpcclient.c:112: `cmd_srv_enum_shares' undeclared here (not in a function) rpcclient/rpcclient.c:112: initializer element for `commands[3].fn' is not constant rpcclient/rpcclient.c:113: `cmd_srv_enum_conn' undeclared here (not in a function) rpcclient/rpcclient.c:113: initializer element for `commands[4].fn' is not constant rpcclient/rpcclient.c:114: `cmd_srv_enum_files' undeclared here (not in a function) rpcclient/rpcclient.c:114: initializer element for `commands[5].fn' is not constant make: *** [rpcclient/rpcclient.o] Error 1 Could someone please let me know what's happened? Did I miss out something prior to the installation? Please help! Thank you all for your attention. Sandie From shui at pointsnorth.com Fri Oct 2 23:20:57 1998 From: shui at pointsnorth.com (shui@pointsnorth.com) Date: Tue Dec 2 02:24:31 2003 Subject: Frustration! Help! Message-ID: <87256691.00800921.00@yxepna01.pointsnorth.com> Dear all, I forgot to mention that I'm compiling the CVS code obtained on Oct 2 on a Solaris 2.6 unix machine. Thanks! Sandie From tridge at samba.anu.edu.au Sat Oct 3 00:19:59 1998 From: tridge at samba.anu.edu.au (Andrew Tridgell) Date: Tue Dec 2 02:24:31 2003 Subject: Return of quota-support soon ? In-Reply-To: (message from Dejan Ilic on Sat, 3 Oct 1998 08:10:36 +1000) References: Message-ID: <19981003002015Z12670778-7009+13519@samba.anu.edu.au> > Is there anybody making an effort in returning the quotas into the > Samba-2.0x code ? not as far as I know. The problem is that we don't have anyone on the team who uses quotas. > I would like to join the effort as I havé a great need for it. excellent. The main problems with the old code were: - it wasn't very portable - it didn't use root privileges carefully enough (potential security hole if smbd is left as euid root after quota check) - it wasn't maintained > I see that some code is there (probably from 1.9 code) but completly > deactivated, not just in the configuration code. yes, I left it there in the hope that someone who uses quotas would fix it up! From dkrovich at wvu.edu Sat Oct 3 01:14:39 1998 From: dkrovich at wvu.edu (David Krovich) Date: Tue Dec 2 02:24:31 2003 Subject: Return of quota-support soon ? In-Reply-To: <19981003002015Z12670778-7009+13519@samba.anu.edu.au> Message-ID: Is this discussion about making it so that Samba handle quotas itself, independent of the OS it is running on? The reason I ask, is that I have setup samba on Solaris 2.5.1 machine. I'm getting ready to use PDC samba to take the place of our current NT Server. My plan is to use Solaris to handle user quotas, and then let users get to their home directories via Samba. Samba will "abide" by those quotas, won't it? On Sat, 3 Oct 1998, Andrew Tridgell wrote: > > Is there anybody making an effort in returning the quotas into the > > Samba-2.0x code ? > > not as far as I know. The problem is that we don't have anyone on the > team who uses quotas. > > > I would like to join the effort as I havi a great need for it. > > excellent. The main problems with the old code were: > > - it wasn't very portable > - it didn't use root privileges carefully enough (potential security > hole if smbd is left as euid root after quota check) > - it wasn't maintained > > > I see that some code is there (probably from 1.9 code) but completly > > deactivated, not just in the configuration code. > > yes, I left it there in the hope that someone who uses quotas would > fix it up! > From tridge at samba.anu.edu.au Sat Oct 3 01:29:44 1998 From: tridge at samba.anu.edu.au (Andrew Tridgell) Date: Tue Dec 2 02:24:31 2003 Subject: Return of quota-support soon ? In-Reply-To: (message from David Krovich on Sat, 3 Oct 1998 11:18:22 +1000) References: Message-ID: <19981003012953Z12670182-20449+13508@samba.anu.edu.au> > The reason I ask, is that I have setup samba on Solaris 2.5.1 > machine. I'm getting ready to use PDC samba to take the place of > our current NT Server. My plan is to use Solaris to handle user > quotas, and then let users get to their home directories via Samba. > Samba will "abide" by those quotas, won't it? Samba will abide by them (Samba does not use root privileges for file access, so it always abides by OS rules). The aim of quota support in Samba is to get the right value reported for the amount of free disk space available. When a user runs dir they should see at the bottom the amount of free quota they have available not the total amount of free disk space. Personally I think that the real problem is the way quotas have been designed on unix systems. The statvfs() or equivalent call that reports the amount of free disk should itself modify the result to take into account quotas, or additional fields should have been added to the return structure to show the quota values. Unfortunately the people who put quota support into the various OSes (in mostly incompatible ways) did it via special quota calls. This means that every application that wants the amount of free disk space needs to be modified for each OS to be quota enabled. This is dumb! From ken at sdd.hp.com Sat Oct 3 15:19:53 1998 From: ken at sdd.hp.com (Ken Stone) Date: Tue Dec 2 02:24:31 2003 Subject: Anyone else have compiles failing now ? Message-ID: <199810031519.IAA22574@hpsdlz.sdd.hp.com> As of sometime yesterday (Fri PDT), I now get compile fails like Compiling rpcclient/rpcclient.c cc: "rpcclient/rpcclient.c", line 110: error 1588: "cmd_srv_query_info" undefine d. cc: "rpcclient/rpcclient.c", line 110: error 1521: Incorrect initialization. cc: "rpcclient/rpcclient.c", line 111: error 1588: "cmd_srv_enum_sess" undefined .. cc: "rpcclient/rpcclient.c", line 111: error 1521: Incorrect initialization. cc: "rpcclient/rpcclient.c", line 112: error 1588: "cmd_srv_enum_shares" undefin ed. cc: "rpcclient/rpcclient.c", line 112: error 1521: Incorrect initialization. cc: "rpcclient/rpcclient.c", line 113: error 1588: "cmd_srv_enum_conn" undefined .. cc: "rpcclient/rpcclient.c", line 113: error 1521: Incorrect initialization. cc: "rpcclient/rpcclient.c", line 114: error 1588: "cmd_srv_enum_files" undefine d. cc: "rpcclient/rpcclient.c", line 114: error 1521: Incorrect initialization. *** Error exit code 1 Stop. Which makes some sense if I look for say cmd_srv_query_info in the source tree ... [src @ z] (77)-> find . -name '*.[ch]' | xargs grep cmd_srv_query_i> ./rpcclient/cmd_srvsvc.c:void cmd_srv_query_info(struct client_info *info) ./rpcclient/cmd_srvsvc.c: DEBUG(4,("cmd_srv_query_info: server:%s info lev el: %D\n", ./rpcclient/cmd_srvsvc.c: DEBUG(5, ("cmd_srv_query_info: smb_cli->fd:%d\n" , smb_cli->fd)); ./rpcclient/cmd_srvsvc.c: DEBUG(5,("cmd_srv_query_info: query succ eeded\n")); ./rpcclient/cmd_srvsvc.c: DEBUG(5,("cmd_srv_query_info: query fail ed\n")); ./rpcclient/rpcclient.c: {"srvinfo", cmd_srv_query_info, "DCE/RPC - Server Query Info"}, [src @ z] (78)-> Note that there is no way for rpcclient/rpcclient.c to have any idea how to reference most of the DCE/RPC calls as there are no external refs ? Time to rm -rf the source tree again .... -- Ken From tridge at samba.anu.edu.au Sat Oct 3 15:38:36 1998 From: tridge at samba.anu.edu.au (Andrew Tridgell) Date: Tue Dec 2 02:24:31 2003 Subject: Anyone else have compiles failing now ? In-Reply-To: <199810031519.IAA22574@hpsdlz.sdd.hp.com> (message from Ken Stone on Sun, 4 Oct 1998 01:25:51 +1000) References: <199810031519.IAA22574@hpsdlz.sdd.hp.com> Message-ID: <19981003153836Z12669831-7009+13727@samba.anu.edu.au> > As of sometime yesterday (Fri PDT), I now get compile fails like > > Compiling rpcclient/rpcclient.c > cc: "rpcclient/rpcclient.c", line 110: error 1588: "cmd_srv_query_info" undefine I fixed this about 2 minutes ago :-) From icoupeau at unav.es Sat Oct 3 15:43:00 1998 From: icoupeau at unav.es (Ignacio Coupeau) Date: Tue Dec 2 02:24:31 2003 Subject: smbpasswd References: Message-ID: <36164604.51728F8B@unav.es> We have a similar problem with the October 1 distribution. I suppose the problem was fixed, but when we ad NT to domain the file is corrupted as follows: ----------------------------------------- G7$:1007:046F63EE46542A31AAD3B435B51404EE:6E3D182B211DB7BE60AE59CD16FFC926:[W ]:LCT-3614CA87: G8$:1008:41B616C79B235D60AAD3B435B51404EE:0CE34A6E69DC35E5616DE069B17ECA3D:[W ]:LCT-3614CA89: G9$:1009:1DE44256DE11C9B77ED6D1AF61720F9B:1DE44256DE11C9B77ED6D1AF61720F9B:^M^Hh???[W ]:LCT-3614CF7C:1010:9A9E3 6912A71C62CAAD3B435B51404EE:5A1C3CC56BF378B2C337C40E6EBDF87E:[W ]:LCT-3614CA90: G11$:1011:F76FAD82789C8D35AAD3B435B51404EE:7E82F5329DB3F3CD554F2307EBA391C7:[W ]:LCT-3614CA93: G12$:1012:5F2796627EA0E4F4AAD3B435B51404EE:87E74AC8C0B467865CA31E5F420A0DE6:[W ]:LCT-3614CA98: G16$:1016:A955EE78829FDF1AD672938A693E1103:A955EE78829FDF1AD672938A693E1103:^M^Hh???[W ]:LCT-3614CED8:1017:72C8 B707F8BF899D798E2A26E94219F5:72C8B707F8BF899D798E2A26E94219F5:^M^Hh???[W ]:LCT-3614CECD:1018:89D6E7FF3B2DB92CAA D ----------------------------------------------- The problem is detected some times in some workstations I think when a delay or error occurs in the very firs login... But __all__ the workstations are identical (hardware and disk are images)... dkrovich@wvu.edu wrote: > > First off, let me say I'm running the lastest CVS update. I just did one on > October 2, at around 3pm... Anyways, I'm having a problem with smbpasswd. When I use > it to change a users password, It adds a D character to the fifth field, which seems > to disable the account. I can manually edit the file, and delete the D and everything > seems to work fine. > > Here is a sample before I run smbpasswd: > > jrandom:2000:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[U ]:LCT-00000000:John Random > > And after I run smbpasswd: > > jrandom:2000:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[DU ]:LCT-00000000:John Random > > (I intentionally left the password fields blank for obvious reasons. > > Is there a fix, or is something heiniously weird happening on my system? > > > > -- ____________________________________________________ Ignacio Coupeau, Ph.D. e-mail: icoupeau@unav.es CTI, Director fax: +48 425619 University of Navarra voice: +48 425600 Pamplona, SPAIN http://www.unav.es/cti/ From i139 at stio1.fh-wuerzburg.de Sat Oct 3 16:01:49 1998 From: i139 at stio1.fh-wuerzburg.de (Joa Oliver) Date: Tue Dec 2 02:24:31 2003 Subject: policies Message-ID: Hi, I have set up samba to enable Domain-Logons for windows95/98. I am using Samba-1.9.18p7. I have a share netlogon with a batchfile for connection network drives. Everything is working. But when I create a policies file and put it onto the netlogon share windows doesn't use it. I have named it config.pol. Is there another special thing to configure? I have found archives of this mailinglist, but it is only for online-search. Is there anywhere a offline version for download? Thanks Oliver Ciao Olli ----------------------------------------------------------------------- ojoa@gmx.net ojoa@citynet.de i139@stio1.sari.fh-wuerzburg.de From aperrin at demog.Berkeley.EDU Sat Oct 3 16:52:31 1998 From: aperrin at demog.Berkeley.EDU (Andrew Perrin - Demography) Date: Tue Dec 2 02:24:31 2003 Subject: policies In-Reply-To: Message-ID: You should ask this question on the general samba list -- this list is for discussion of the NT domain code, versions 2.0 alpha. --------------------------------------------------------------------- Andrew J. Perrin - aperrin@demog.berkeley.edu - NT/Unix Admin/Support Department of Demography - University of California at Berkeley 2232 Piedmont Avenue #2120 - Berkeley, California, 94720-2120 USA http://demog.berkeley.edu/~aperrin --------------------------SEIU1199 On Sun, 4 Oct 1998, Joa Oliver wrote: > Hi, > > I have set up samba to enable Domain-Logons for windows95/98. > I am using Samba-1.9.18p7. I have a share netlogon with > a batchfile for connection network drives. Everything is working. > But when I create a policies file and put it onto the netlogon > share windows doesn't use it. I have named it config.pol. Is there > another special thing to configure? > > I have found archives of this mailinglist, but it is only for > online-search. Is there anywhere a offline version for download? > > Thanks > > Oliver > > > Ciao > > Olli > > ----------------------------------------------------------------------- > ojoa@gmx.net > ojoa@citynet.de > i139@stio1.sari.fh-wuerzburg.de > > From thwartedefforts at wonky.org Sat Oct 3 22:47:16 1998 From: thwartedefforts at wonky.org (thwartedefforts@wonky.org) Date: Tue Dec 2 02:24:31 2003 Subject: update to samba syslog auditing Message-ID: <19981003224716.25911.cpmta@fillmore.criticalpath.net> I've generated new patches for my auditing system against samba 2.0.0-alpha7. Docs and patches are avaiable from http://homepage.interaccess.com/~abakun/sambaaudit/ The most major change to this version is that I've changed the function, macro and variable names to be prefixed with the word syslog. Also, all the configuration option names are now prefixed with syslog. I figured this would be useful so that this patch could coexist with other styles of auditing should someone write them in the future. This is in no way a final release. There are some other changes I could make to allow other auditing styles to be implemented easier, and there are still some things that I want to allow auditing on that I have not written code for yet. I have also not tested if it needs changes to be cross-platform (I could use some help here, I currently only have a linux machine to test on). For those who are interested, at the bottom of the web page is a to-do list. Andy Bakun thwartedefforts@wonky.org From canfield at uindy.edu Sun Oct 4 16:00:50 1998 From: canfield at uindy.edu (Dana Canfield) Date: Tue Dec 2 02:24:31 2003 Subject: smbpasswd questions Message-ID: <36179BB2.AA450E9F@uindy.edu> I've got a couple general questions about smbpasswd (both the file and the program), and a feature request (as if there weren't enough to do already). First, is the current format of the smbpasswd file documented anywhere? I know it's changed quite a bit lately, and I currently have about 5 types of entries in my passwd file (from various programs that hit the file directly). Considering the above question, is there currently any tool for cleaning up or migrating the smbpasswd file to the current format. If not, I may try to throw this together in perl or something. Once again, I would need to understand what variations are currently allowed in order to do this correctly. Also, is there any way we could get a feature added to smbpasswd that would "zero-out" the password for a given machine? Maybe there is already a way to do this, but I haven't yet found it. We usually end up having to re-build a couple of machines per week, and editing the smbpasswd file is getting a bit tedious. Thanks! Dana From jerry at Eng.Auburn.EDU Sun Oct 4 18:58:35 1998 From: jerry at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:31 2003 Subject: smbpasswd questions In-Reply-To: <36179BB2.AA450E9F@uindy.edu> Message-ID: <3.0.5.32.19981004135835.008ffdb0@pophost.eng.auburn.edu> At 02:10 AM 10/5/98 +1000, Dana Canfield wrote: >Also, is there any way we could get a feature added to smbpasswd that >would "zero-out" the password for a given machine? Maybe there is >already a way to do this, but I haven't yet found it. We usually end up >having to re-build a couple of machines per week, and editing the >smbpasswd file is getting a bit tedious. 'smbpasswd machinename$' set the password to machinename. This could probably be scripted if you needed it. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From paulp at dilnet.upd.edu.ph Mon Oct 5 16:01:59 1998 From: paulp at dilnet.upd.edu.ph (Paul Pongco) Date: Tue Dec 2 02:24:31 2003 Subject: Dumb question Message-ID: Hello Sorry for asking this question..im new to the list. Where can i get the latest samba for linux...i currently use 1.19.18p5. What are the added features? How can i make my samba server seen at a different domain? My server is in the 10.36.x.x domain. It cant be seen elsewhere i.e. , 10.3x.x.x or 10.x.x.x domains. Hope someone helps Cheers Paul Pongco From Herve.Cimadomo at imag.fr Mon Oct 5 06:24:43 1998 From: Herve.Cimadomo at imag.fr (Herve CIMADOMO) Date: Tue Dec 2 02:24:31 2003 Subject: access to samba share via NT5 Message-ID: <001f01bdf028$d7e3cab0$20675881@FANGIO> Hi, using (testing) nt5, i discovered that share on samba2.0.0 prealpha doesnt' work However, the same share on samba 1.9.17 alpha 4 work. thinking that it's a pb of case options, i'm testing many configuration without success . any idea ? thank. Herve Cimadomo Email: Herve.Cimadomo@imag.fr ACTIMART, bat 8, avenue de Vignate 38610 Gieres tel : 04.76.63.34.61 From samba at aquasoft.com.au Mon Oct 5 08:28:37 1998 From: samba at aquasoft.com.au (Samba-Central) Date: Tue Dec 2 02:24:31 2003 Subject: Dumb question In-Reply-To: Message-ID: Sorry, Paul. You will get much better response on the correct list. Please try the main samba list at samba@samba.anu.edu.au, this list is for use by those wishing to discuss inner techicalities of samba for development and feature enhancement purposes and most of us will not have time to answer newbie questions. You should also try http://samba.anu.edu.au/samba for location details for your nearest ftp mirror site. Cheers, John H Terpstra On Mon, 5 Oct 1998, Paul Pongco wrote: > Hello > Sorry for asking this question..im new to the list. Where can i get the > latest samba for linux...i currently use 1.19.18p5. What are the added > features? How can i make my samba server seen at a different domain? My > server is in the 10.36.x.x domain. It cant be seen elsewhere i.e. , > 10.3x.x.x or 10.x.x.x domains. > Hope someone helps > > > Cheers > Paul Pongco > From smurf at smurfsoft.dauenhauer.de Mon Oct 5 08:53:53 1998 From: smurf at smurfsoft.dauenhauer.de (Christian Kumpf) Date: Tue Dec 2 02:24:31 2003 Subject: Off-Topic Mails In-Reply-To: from "Samba-Central" at Oct 5, 98 06:39:28 pm Message-ID: <199810050853.KAA26866@smurfsoft.dauenhauer.de> A non-text attachment was scrubbed... Name: not available Type: text Size: 583 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/19981005/8aaaea2e/attachment.bat From cartegw at Eng.Auburn.EDU Mon Oct 5 12:00:04 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:31 2003 Subject: access to samba share via NT5 References: <001f01bdf028$d7e3cab0$20675881@FANGIO> Message-ID: <3618B4C4.3F45FFAC@eng.auburn.edu> Herve CIMADOMO wrote: > > using (testing) nt5, i discovered that share on samba2.0.0 > prealpha doesnt' work However, the same share on samba 1.9.17 > alpha 4 work. thinking that it's a pb of case options, i'm testing > many configuration without success . any idea ? Once you tell an NT client that you support the DCE/RPC calls, it tends to want to make on only DCE/RPC calls. Actually no support has been done for NT5 yet. SP4 comes first. The reason that 1.9.17p4 will work is that it doesn't support DCE/RPC and thus the NT client will not try to use this. BTW...What beta version of NT 5 are you using (1 or 2)? j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From lkcl at switchboard.net Mon Oct 5 16:03:49 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:31 2003 Subject: CVS update: samba/source/rpcclient In-Reply-To: <19981003152948Z12637376-7009+13725@samba.anu.edu.au> Message-ID: i added cmd_srvsvc to Makefile not Makefile.in. On Sun, 4 Oct 1998 tridge@samba.anu.edu.au wrote: > > Date: Sunday October 4, 1998 @ 1:29 > Author: tridge > > Update of /data/cvs/samba/source/rpcclient > In directory samba:/tmp/cvs-serv5270 > > Modified Files: > rpcclient.c > Log Message: > don't call functions that aren't there yet. (Luke had the code > commented out in the makefile) > > > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From lkcl at switchboard.net Mon Oct 5 16:40:16 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:31 2003 Subject: access to samba share via NT5 In-Reply-To: <3618B4C4.3F45FFAC@eng.auburn.edu> Message-ID: > BTW...What beta version of NT 5 are you using (1 or 2)? it can't be beta 1: that version's handling of non-unicode strings is so bad it wipes out at the very first SMBopenX on \PIPE\srvsvc. From Ryan at US.Distribution.com Mon Oct 5 16:33:55 1998 From: Ryan at US.Distribution.com (Ryan Koski) Date: Tue Dec 2 02:24:32 2003 Subject: Still can't connect to shares... Message-ID: <773702019F1DD21196ED00A0C9D6526F48F9@EXCHANGE.distribution.com> Let me know what I need to provide to be more helpful. The latest CVS code (as of about 2 hours ago) will not allow clients to connect to shares on RH5.1 (2.0.34). I get the "PANIC: Internal Error" entries in the log, but the daemons aren't seg faulting (no core files for you to post-mortem). Here is a debug level 10: [1998/10/05 09:20:38, 1] smbd/server.c:main(618) smbd version 2.0.0-prealpha started. Copyright Andrew Tridgell 1992-1998 doing parameter browseable = yes doing parameter create mask = 0660 doing parameter directory mask = 0770 doing parameter force create mode = 0660 doing parameter force directory mode = 0770 doing parameter encrypt passwords = yes doing parameter dont descend = no doing parameter hide dot files = yes doing parameter hosts allow = 192.188.20. 208.222.75. 208.222.74. 208.222.73. doing parameter interfaces = 192.188.20.230/24 doing parameter load printers = no doing parameter local master = no doing parameter locking = yes doing parameter name resolve order = wins host doing parameter netbios name = SRV-SMG doing parameter oplocks = true doing parameter os level = 0 doing parameter password server = SRV-DAIPDC SRV-DAIBDC doing parameter preserve case = yes doing parameter security = domain doing parameter server string = SMG Samba Server doing parameter short preserve case = yes doing parameter socket options = TCP_NODELAY doing parameter wins server = 192.188.20.150 doing parameter workgroup = DAI [1998/10/05 09:20:38, 2] param/loadparm.c:do_section(2154) Processing section "[homes]" doing parameter browseable = no doing parameter comment = Your Home Directory doing parameter force group = %S doing parameter guest ok = no doing parameter hide dot files = yes doing parameter locking = yes doing parameter read only = no [1998/10/05 09:20:38, 2] param/loadparm.c:do_section(2154) Processing section "[Software]" doing parameter browseable = yes doing parameter comment = Software Library doing parameter path = /home/netshare/samba/incoming doing parameter valid users = @smbusers doing parameter force group = smbusers doing parameter guest ok = no doing parameter hide dot files = yes doing parameter locking = yes doing parameter read only = no [1998/10/05 09:20:38, 2] param/loadparm.c:do_section(2154) Processing section "[U2_DAALP7]" doing parameter browseable = yes doing parameter comment = U2 on DAALP7 doing parameter path = /home/netshare/samba/u2_daalp7 doing parameter create mask = 0666 doing parameter directory mask = 0777 doing parameter force create mode = 0666 doing parameter force directory mode = 0777 doing parameter valid users = @smbusers doing parameter force group = smbusers doing parameter guest ok = no doing parameter hide dot files = yes doing parameter locking = yes doing parameter oplocks = false doing parameter read only = no [1998/10/05 09:20:38, 3] param/loadparm.c:lp_load(2476) pm_process() returned Yes [1998/10/05 09:20:38, 3] param/loadparm.c:lp_add_ipc(1450) adding IPC service [1998/10/05 09:20:38, 7] param/loadparm.c:lp_servicenumber(2554) lp_servicenumber: couldn't find printers [1998/10/05 09:20:38, 6] param/loadparm.c:lp_file_list_changed(1739) lp_file_list_changed() file /etc/smb.conf -> /etc/smb.conf last mod_time: Mon Oct 5 09:19:20 1998 [1998/10/05 09:20:38, 2] lib/interface.c:interpret_interfaces(176) Added interface ip=192.188.20.230 bcast=192.188.20.255 nmask=255.255.255.0 [1998/10/05 09:20:38, 6] lib/charset.c:codepage_initialise(338) codepage_initialise: client code page = 850 [1998/10/05 09:20:38, 5] lib/charset.c:load_client_codepage(196) load_client_codepage: loading codepage 850. Adding chars 0x85 0xb7 (l->u = True) (u->l = True) Adding chars 0xa0 0xb5 (l->u = True) (u->l = True) Adding chars 0x83 0xb6 (l->u = True) (u->l = True) Adding chars 0xc6 0xc7 (l->u = True) (u->l = True) Adding chars 0x84 0x8e (l->u = True) (u->l = True) Adding chars 0x86 0x8f (l->u = True) (u->l = True) Adding chars 0x91 0x92 (l->u = True) (u->l = True) Adding chars 0x87 0x80 (l->u = True) (u->l = True) Adding chars 0x8a 0xd4 (l->u = True) (u->l = True) Adding chars 0x82 0x90 (l->u = True) (u->l = True) Adding chars 0x88 0xd2 (l->u = True) (u->l = True) Adding chars 0x89 0xd3 (l->u = True) (u->l = True) Adding chars 0x8d 0xde (l->u = True) (u->l = True) Adding chars 0xa1 0xd6 (l->u = True) (u->l = True) Adding chars 0x8c 0xd7 (l->u = True) (u->l = True) Adding chars 0x8b 0xd8 (l->u = True) (u->l = True) Adding chars 0xd0 0xd1 (l->u = True) (u->l = True) Adding chars 0xa4 0xa5 (l->u = True) (u->l = True) Adding chars 0x95 0xe3 (l->u = True) (u->l = True) Adding chars 0xa2 0xe0 (l->u = True) (u->l = True) Adding chars 0x93 0xe2 (l->u = True) (u->l = True) Adding chars 0xe4 0xe5 (l->u = True) (u->l = True) Adding chars 0x94 0x99 (l->u = True) (u->l = True) Adding chars 0x9b 0x9d (l->u = True) (u->l = True) Adding chars 0x97 0xeb (l->u = True) (u->l = True) Adding chars 0xa3 0xe9 (l->u = True) (u->l = True) Adding chars 0x96 0xea (l->u = True) (u->l = True) Adding chars 0x81 0x9a (l->u = True) (u->l = True) Adding chars 0xec 0xed (l->u = True) (u->l = True) Adding chars 0xe7 0xe8 (l->u = True) (u->l = True) Adding chars 0x9c 0x0 (l->u = False) (u->l = False) [1998/10/05 09:20:38, 7] lib/util.c:string_to_sid(4809) string_to_sid: converted SID S-1-5-21-459973219-3118979762-4098852877 ok [1998/10/05 09:20:38, 3] smbd/server.c:main(670) loaded services [1998/10/05 09:20:38, 3] smbd/server.c:main(678) Becoming a daemon. [1998/10/05 09:20:38, 8] lib/util.c:fcntl_lock(4339) fcntl_lock 4 6 0 1 1 [1998/10/05 09:20:38, 8] lib/util.c:fcntl_lock(4400) Lock call successful [1998/10/05 09:20:38, 3] lib/util.c:open_socket_in(3276) bind succeeded on port 139 [1998/10/05 09:20:38, 2] smbd/server.c:open_sockets(183) waiting for a connection [1998/10/05 09:20:45, 10] lib/genrand.c:do_reseed(131) do_reseed: got 40 bytes from /dev/random. [1998/10/05 09:20:46, 4] locking/shmem_sysv.c:sysv_shm_open(544) Trying sysv shmem open of size 1048576 [1998/10/05 09:20:46, 5] locking/shmem_sysv.c:shm_initialize(424) shm_initialize : initializing shmem size 1048576 [1998/10/05 09:20:46, 6] locking/shmem_sysv.c:shm_alloc(253) shm_alloc : allocated 52 bytes at offset 48 [1998/10/05 09:20:46, 3] locking/shmem_sysv.c:sysv_shm_open(702) Initialised IPC area of size 1048576 [1998/10/05 09:20:46, 6] param/loadparm.c:lp_file_list_changed(1739) lp_file_list_changed() file /etc/smb.conf -> /etc/smb.conf last mod_time: Mon Oct 5 09:19:20 1998 [1998/10/05 09:20:46, 2] smbd/server.c:main(706) Changed root to / [1998/10/05 09:20:46, 3] smbd/oplock.c:open_oplock_ipc(50) open_oplock_ipc: opening loopback UDP socket. [1998/10/05 09:20:46, 3] lib/util.c:open_socket_in(3276) bind succeeded on port 0 [1998/10/05 09:20:46, 3] smbd/oplock.c:open_oplock_ipc(75) open_oplock ipc: pid = 30533, global_oplock_port = 1798 [1998/10/05 09:20:46, 3] smbd/process.c:smbd_process(755) priming nmbd [1998/10/05 09:20:46, 3] lib/util.c:send_one_packet(2384) sending a packet of len 1 to (127.0.0.1) on port 137 of type DGRAM [1998/10/05 09:20:46, 4] lib/time.c:TimeInit(110) Serverzone is 25200 [1998/10/05 09:20:46, 10] lib/util.c:read_smb_length_return_keepalive(2181) got smb length of 68 [1998/10/05 09:20:46, 2] lib/access.c:check_access(232) Allowed connection from RKOSKI.distribution.com (192.188.20.4) [1998/10/05 09:20:46, 6] smbd/process.c:process_smb(564) got message type 0x81 of len 0x44 [1998/10/05 09:20:46, 3] smbd/process.c:process_smb(565) Transaction 0 of length 72 [1998/10/05 09:20:46, 2] smbd/reply.c:reply_special(95) netbios connect: name1=SRV-SMG name2=RKOSKI [1998/10/05 09:20:46, 6] param/loadparm.c:lp_file_list_changed(1739) lp_file_list_changed() file /etc/smb.conf -> /etc/smb.conf last mod_time: Mon Oct 5 09:19:20 1998 [1998/10/05 09:20:46, 5] smbd/connection.c:claim_connection(127) trying claim /usr/local/samba/var/locks STATUS. 100000 [1998/10/05 09:20:46, 8] lib/util.c:fcntl_lock(4339) fcntl_lock 7 7 0 1 1 [1998/10/05 09:20:46, 8] lib/util.c:fcntl_lock(4400) Lock call successful [1998/10/05 09:20:46, 8] lib/util.c:fcntl_lock(4339) fcntl_lock 7 7 0 1 2 [1998/10/05 09:20:46, 8] lib/util.c:fcntl_lock(4400) Lock call successful [1998/10/05 09:20:46, 5] smbd/reply.c:reply_special(147) init msg_type=0x81 msg_flags=0x0 [1998/10/05 09:20:46, 6] lib/util.c:write_socket(1836) write_socket(6,4) [1998/10/05 09:20:46, 6] lib/util.c:write_socket(1839) write_socket(6,4) wrote 4 [1998/10/05 09:20:46, 10] lib/util.c:read_smb_length_return_keepalive(2181) got smb length of 170 [1998/10/05 09:20:46, 6] smbd/process.c:process_smb(564) got message type 0x0 of len 0xaa [1998/10/05 09:20:46, 3] smbd/process.c:process_smb(565) Transaction 1 of length 174 [1998/10/05 09:20:46, 5] lib/util.c:show_msg(996) size=170 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=3 [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1002) smb_tid=0 smb_pid=51966 smb_uid=100 smb_mid=0 smt_wct=0 [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1012) smb_bcc=135 [1998/10/05 09:20:46, 10] lib/util.c:dump_data(4694) [000] 02 50 43 20 4E 45 54 57 4F 52 4B 20 50 52 4F 47 .PC NETW ORK PROG [1998/10/05 09:20:46, 10] lib/util.c:dump_data(4702) [010] 52 41 4D 20 31 2E 30 00 02 58 45 4E 49 58 20 43 RAM 1.0. .XENIX C [1998/10/05 09:20:46, 10] lib/util.c:dump_data(4702) [020] 4F 52 45 00 02 4D 49 43 52 4F 53 4F 46 54 20 4E ORE..MIC ROSOFT N [1998/10/05 09:20:46, 10] lib/util.c:dump_data(4702) [030] 45 54 57 4F 52 4B 53 20 31 2E 30 33 00 02 4C 41 ETWORKS 1.03..LA [1998/10/05 09:20:46, 10] lib/util.c:dump_data(4702) [040] 4E 4D 41 4E 31 2E 30 00 02 57 69 6E 64 6F 77 73 NMAN1.0. .Windows [1998/10/05 09:20:46, 10] lib/util.c:dump_data(4702) [050] 20 66 6F 72 20 57 6F 72 6B 67 72 6F 75 70 73 20 for Wor kgroups [1998/10/05 09:20:46, 10] lib/util.c:dump_data(4702) [060] 33 2E 31 61 00 02 4C 4D 31 2E 32 58 30 30 32 00 3.1a..LM 1.2X002. [1998/10/05 09:20:46, 10] lib/util.c:dump_data(4702) [070] 02 4C 41 4E 4D 41 4E 32 2E 31 00 02 4E 54 20 4C .LANMAN2 .1..NT L [1998/10/05 09:20:46, 10] lib/util.c:dump_data(4702) [080] 4D 20 30 2E 31 32 00 M 0.12. [1998/10/05 09:20:46, 3] smbd/process.c:switch_message(402) switch message SMBnegprot (pid 30533) [1998/10/05 09:20:46, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [PC NETWORK PROGRAM 1.0] [1998/10/05 09:20:46, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [XENIX CORE] [1998/10/05 09:20:46, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [MICROSOFT NETWORKS 1.03] [1998/10/05 09:20:46, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [LANMAN1.0] [1998/10/05 09:20:46, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [Windows for Workgroups 3.1a] [1998/10/05 09:20:46, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [LM1.2X002] [1998/10/05 09:20:46, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [LANMAN2.1] [1998/10/05 09:20:46, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [NT LM 0.12] [1998/10/05 09:20:46, 6] param/loadparm.c:lp_file_list_changed(1739) lp_file_list_changed() file /etc/smb.conf -> /etc/smb.conf last mod_time: Mon Oct 5 09:19:20 1998 [1998/10/05 09:20:46, 6] param/loadparm.c:lp_file_list_changed(1739) lp_file_list_changed() file /etc/smb.conf -> /etc/smb.conf last mod_time: Mon Oct 5 09:19:20 1998 [1998/10/05 09:20:46, 3] smbd/negprot.c:reply_negprot(409) Selected protocol NT LM 0.12 [1998/10/05 09:20:46, 5] smbd/negprot.c:reply_negprot(416) negprot index=7 [1998/10/05 09:20:46, 5] lib/util.c:show_msg(996) size=81 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=1 [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1002) smb_tid=0 smb_pid=51966 smb_uid=100 smb_mid=0 smt_wct=17 [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[0]=7 (0x7) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[1]=12803 (0x3203) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[2]=256 (0x100) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[3]=65280 (0xFF00) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[4]=255 (0xFF) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[5]=0 (0x0) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[6]=256 (0x100) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[7]=17664 (0x4500) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[8]=119 (0x77) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[9]=12544 (0x3100) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[10]=3 (0x3) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[11]=0 (0x0) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[12]=16259 (0x3F83) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[13]=31771 (0x7C1B) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[14]=48624 (0xBDF0) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[15]=41985 (0xA401) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[16]=2049 (0x801) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1012) smb_bcc=12 [1998/10/05 09:20:46, 10] lib/util.c:dump_data(4694) [000] E4 21 8D 42 61 AD 9C 79 44 41 49 00 .!.Ba..y DAI. [1998/10/05 09:20:46, 6] lib/util.c:write_socket(1836) write_socket(6,85) [1998/10/05 09:20:46, 6] lib/util.c:write_socket(1839) write_socket(6,85) wrote 85 [1998/10/05 09:20:46, 10] lib/util.c:read_smb_length_return_keepalive(2181) got smb length of 185 [1998/10/05 09:20:46, 6] smbd/process.c:process_smb(564) got message type 0x0 of len 0xb9 [1998/10/05 09:20:46, 3] smbd/process.c:process_smb(565) Transaction 2 of length 189 [1998/10/05 09:20:46, 5] lib/util.c:show_msg(996) size=185 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=3 [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1002) smb_tid=0 smb_pid=51966 smb_uid=100 smb_mid=0 smt_wct=13 [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[0]=117 (0x75) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[1]=151 (0x97) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[2]=61440 (0xF000) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[3]=50 (0x32) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[4]=0 (0x0) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[5]=30533 (0x7745) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[6]=0 (0x0) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[7]=24 (0x18) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[8]=24 (0x18) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[9]=0 (0x0) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[10]=0 (0x0) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[11]=212 (0xD4) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1007) smb_vwv[12]=0 (0x0) [1998/10/05 09:20:46, 5] lib/util.c:show_msg(1012) smb_bcc=90 [1998/10/05 09:20:46, 10] lib/util.c:dump_data(4694) [000] 55 6A D1 70 6C B2 DB 4E E3 EA 36 86 F4 A0 05 15 Uj.pl..N ..6..... [1998/10/05 09:20:46, 10] lib/util.c:dump_data(4702) [010] F8 10 D6 19 98 D4 73 0C 6A A2 87 06 48 CB A2 E6 ......s. j...H... [1998/10/05 09:20:46, 10] lib/util.c:dump_data(4702) [020] 4B A7 09 82 9D 3F 8D CD 5A 9C 22 A7 E8 97 94 CF K....?.. Z."..... [1998/10/05 09:20:46, 10] lib/util.c:dump_data(4702) [030] 52 79 61 6E 00 44 41 49 00 57 69 6E 64 6F 77 73 Ryan.DAI .Windows [1998/10/05 09:20:46, 10] lib/util.c:dump_data(4702) [040] 20 4E 54 20 31 33 38 31 00 00 57 69 6E 64 6F 77 NT 1381 ..Window [1998/10/05 09:20:46, 10] lib/util.c:dump_data(4702) [050] 73 20 4E 54 20 34 2E 30 00 00 s NT 4.0 .. [1998/10/05 09:20:46, 3] smbd/process.c:switch_message(402) switch message SMBsesssetupX (pid 30533) [1998/10/05 09:20:46, 3] smbd/reply.c:reply_sesssetup_and_X(567) Domain=[DAI] NativeOS=[Windows NT 1381] NativeLanMan=[] [1998/10/05 09:20:46, 3] smbd/reply.c:reply_sesssetup_and_X(571) sesssetupX:name=[Ryan] [1998/10/05 09:20:46, 6] param/loadparm.c:lp_file_list_changed(1739) lp_file_list_changed() file /etc/smb.conf -> /etc/smb.conf last mod_time: Mon Oct 5 09:19:20 1998 [1998/10/05 09:20:46, 3] libsmb/namequery.c:resolve_wins(482) resolve_name: Attempting wins lookup for name SRV-DAIPDC<0x20> [1998/10/05 09:20:46, 3] lib/util.c:open_socket_in(3276) bind succeeded on port 0 [1998/10/05 09:20:46, 4] libsmb/nmblib.c:debug_nmb_packet(109) nmb packet from 192.188.20.150(137) header: id=24114 opcode=Query(0) response=No header: flags: bcast=No rec_avail=No rec_des=Yes trunc=No auth=No header: rcode=0 qdcount=1 ancount=0 nscount=0 arcount=0 question: q_name=SRV-DAIPDC<20> q_type=32 q_class=1 [1998/10/05 09:20:46, 5] libsmb/nmblib.c:send_udp(705) Sending a packet of len 50 to (192.188.20.150) on port 137 [1998/10/05 09:20:46, 10] lib/util.c:read_udp_socket(1869) read_udp_socket: lastip 192.188.20.150 lastport 137 read: 62 [1998/10/05 09:20:46, 10] libsmb/nmblib.c:parse_nmb(447) parse_nmb: packet id = 24114 [1998/10/05 09:20:46, 5] libsmb/nmblib.c:read_packet(684) Received a packet of len 62 from (192.188.20.150) port 137 [1998/10/05 09:20:46, 4] libsmb/nmblib.c:debug_nmb_packet(109) nmb packet from 192.188.20.150(137) header: id=24114 opcode=Query(0) response=Yes header: flags: bcast=No rec_avail=Yes rec_des=Yes trunc=No auth=Yes header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0 answers: nmb_name=SRV-DAIPDC<20> rr_type=32 rr_class=1 ttl=0 answers 0 char `..... hex 6000C0BC1496 [1998/10/05 09:20:46, 2] libsmb/namequery.c:name_query(291) Got a positive name query response from 192.188.20.150 ( 192.188.20.150 ) [1998/10/05 09:20:48, 3] lib/util.c:open_socket_out(3308) Connecting to 192.188.20.150 at port 139 [1998/10/05 09:20:48, 0] lib/fault.c:fault_report(40) =============================================================== [1998/10/05 09:20:48, 0] lib/fault.c:fault_report(41) INTERNAL ERROR: Signal 11 in pid 30533 (2.0.0-prealpha) Please read the file BUGS.txt in the distribution [1998/10/05 09:20:48, 0] lib/fault.c:fault_report(43) =============================================================== [1998/10/05 09:20:48, 0] lib/util.c:smb_panic(4091) PANIC: internal error [1998/10/05 09:20:48, 10] lib/genrand.c:do_reseed(131) do_reseed: got 40 bytes from /dev/random. [1998/10/05 09:20:48, 4] locking/shmem_sysv.c:sysv_shm_open(544) Trying sysv shmem open of size 1048576 [1998/10/05 09:20:48, 5] locking/shmem_sysv.c:shm_initialize(424) shm_initialize : initializing shmem size 1048576 [1998/10/05 09:20:48, 6] locking/shmem_sysv.c:shm_alloc(253) shm_alloc : allocated 52 bytes at offset 48 [1998/10/05 09:20:48, 3] locking/shmem_sysv.c:sysv_shm_open(702) Initialised IPC area of size 1048576 [1998/10/05 09:20:48, 6] param/loadparm.c:lp_file_list_changed(1739) lp_file_list_changed() file /etc/smb.conf -> /etc/smb.conf last mod_time: Mon Oct 5 09:19:20 1998 [1998/10/05 09:20:48, 2] smbd/server.c:main(706) Changed root to / [1998/10/05 09:20:48, 3] smbd/oplock.c:open_oplock_ipc(50) open_oplock_ipc: opening loopback UDP socket. [1998/10/05 09:20:48, 3] lib/util.c:open_socket_in(3276) bind succeeded on port 0 [1998/10/05 09:20:48, 3] smbd/oplock.c:open_oplock_ipc(75) open_oplock ipc: pid = 30534, global_oplock_port = 1805 [1998/10/05 09:20:48, 3] smbd/process.c:smbd_process(755) priming nmbd [1998/10/05 09:20:48, 3] lib/util.c:send_one_packet(2384) sending a packet of len 1 to (127.0.0.1) on port 137 of type DGRAM [1998/10/05 09:20:48, 4] lib/time.c:TimeInit(110) Serverzone is 25200 [1998/10/05 09:20:48, 10] lib/util.c:read_smb_length_return_keepalive(2181) got smb length of 68 [1998/10/05 09:20:48, 2] lib/access.c:check_access(232) Allowed connection from RKOSKI.distribution.com (192.188.20.4) [1998/10/05 09:20:48, 6] smbd/process.c:process_smb(564) got message type 0x81 of len 0x44 [1998/10/05 09:20:48, 3] smbd/process.c:process_smb(565) Transaction 0 of length 72 [1998/10/05 09:20:48, 2] smbd/reply.c:reply_special(95) netbios connect: name1=SRV-SMG name2=RKOSKI [1998/10/05 09:20:48, 6] param/loadparm.c:lp_file_list_changed(1739) lp_file_list_changed() file /etc/smb.conf -> /etc/smb.conf last mod_time: Mon Oct 5 09:19:20 1998 [1998/10/05 09:20:48, 5] smbd/connection.c:claim_connection(127) trying claim /usr/local/samba/var/locks STATUS. 100000 [1998/10/05 09:20:48, 8] lib/util.c:fcntl_lock(4339) fcntl_lock 7 7 0 1 1 [1998/10/05 09:20:48, 8] lib/util.c:fcntl_lock(4400) Lock call successful [1998/10/05 09:20:48, 8] lib/util.c:fcntl_lock(4339) fcntl_lock 7 7 0 1 2 [1998/10/05 09:20:48, 8] lib/util.c:fcntl_lock(4400) Lock call successful [1998/10/05 09:20:48, 5] smbd/reply.c:reply_special(147) init msg_type=0x81 msg_flags=0x0 [1998/10/05 09:20:48, 6] lib/util.c:write_socket(1836) write_socket(6,4) [1998/10/05 09:20:48, 6] lib/util.c:write_socket(1839) write_socket(6,4) wrote 4 [1998/10/05 09:20:48, 10] lib/util.c:read_smb_length_return_keepalive(2181) got smb length of 170 [1998/10/05 09:20:48, 6] smbd/process.c:process_smb(564) got message type 0x0 of len 0xaa [1998/10/05 09:20:48, 3] smbd/process.c:process_smb(565) Transaction 1 of length 174 [1998/10/05 09:20:48, 5] lib/util.c:show_msg(996) size=170 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=3 [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1002) smb_tid=0 smb_pid=51966 smb_uid=100 smb_mid=0 smt_wct=0 [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1012) smb_bcc=135 [1998/10/05 09:20:48, 10] lib/util.c:dump_data(4694) [000] 02 50 43 20 4E 45 54 57 4F 52 4B 20 50 52 4F 47 .PC NETW ORK PROG [1998/10/05 09:20:48, 10] lib/util.c:dump_data(4702) [010] 52 41 4D 20 31 2E 30 00 02 58 45 4E 49 58 20 43 RAM 1.0. .XENIX C [1998/10/05 09:20:48, 10] lib/util.c:dump_data(4702) [020] 4F 52 45 00 02 4D 49 43 52 4F 53 4F 46 54 20 4E ORE..MIC ROSOFT N [1998/10/05 09:20:48, 10] lib/util.c:dump_data(4702) [030] 45 54 57 4F 52 4B 53 20 31 2E 30 33 00 02 4C 41 ETWORKS 1.03..LA [1998/10/05 09:20:48, 10] lib/util.c:dump_data(4702) [040] 4E 4D 41 4E 31 2E 30 00 02 57 69 6E 64 6F 77 73 NMAN1.0. .Windows [1998/10/05 09:20:48, 10] lib/util.c:dump_data(4702) [050] 20 66 6F 72 20 57 6F 72 6B 67 72 6F 75 70 73 20 for Wor kgroups [1998/10/05 09:20:48, 10] lib/util.c:dump_data(4702) [060] 33 2E 31 61 00 02 4C 4D 31 2E 32 58 30 30 32 00 3.1a..LM 1.2X002. [1998/10/05 09:20:48, 10] lib/util.c:dump_data(4702) [070] 02 4C 41 4E 4D 41 4E 32 2E 31 00 02 4E 54 20 4C .LANMAN2 .1..NT L [1998/10/05 09:20:48, 10] lib/util.c:dump_data(4702) [080] 4D 20 30 2E 31 32 00 M 0.12. [1998/10/05 09:20:48, 3] smbd/process.c:switch_message(402) switch message SMBnegprot (pid 30534) [1998/10/05 09:20:48, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [PC NETWORK PROGRAM 1.0] [1998/10/05 09:20:48, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [XENIX CORE] [1998/10/05 09:20:48, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [MICROSOFT NETWORKS 1.03] [1998/10/05 09:20:48, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [LANMAN1.0] [1998/10/05 09:20:48, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [Windows for Workgroups 3.1a] [1998/10/05 09:20:48, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [LM1.2X002] [1998/10/05 09:20:48, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [LANMAN2.1] [1998/10/05 09:20:48, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [NT LM 0.12] [1998/10/05 09:20:48, 6] param/loadparm.c:lp_file_list_changed(1739) lp_file_list_changed() file /etc/smb.conf -> /etc/smb.conf last mod_time: Mon Oct 5 09:19:20 1998 [1998/10/05 09:20:48, 6] param/loadparm.c:lp_file_list_changed(1739) lp_file_list_changed() file /etc/smb.conf -> /etc/smb.conf last mod_time: Mon Oct 5 09:19:20 1998 [1998/10/05 09:20:48, 3] smbd/negprot.c:reply_negprot(409) Selected protocol NT LM 0.12 [1998/10/05 09:20:48, 5] smbd/negprot.c:reply_negprot(416) negprot index=7 [1998/10/05 09:20:48, 5] lib/util.c:show_msg(996) size=81 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=1 [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1002) smb_tid=0 smb_pid=51966 smb_uid=100 smb_mid=0 smt_wct=17 [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[0]=7 (0x7) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[1]=12803 (0x3203) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[2]=256 (0x100) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[3]=65280 (0xFF00) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[4]=255 (0xFF) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[5]=0 (0x0) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[6]=256 (0x100) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[7]=17920 (0x4600) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[8]=119 (0x77) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[9]=12544 (0x3100) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[10]=3 (0x3) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[11]=0 (0x0) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[12]=28848 (0x70B0) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[13]=31772 (0x7C1C) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[14]=48624 (0xBDF0) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[15]=41985 (0xA401) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[16]=2049 (0x801) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1012) smb_bcc=12 [1998/10/05 09:20:48, 10] lib/util.c:dump_data(4694) [000] D3 F8 EB 3C 81 4B FA 69 44 41 49 00 ...<.K.i DAI. [1998/10/05 09:20:48, 6] lib/util.c:write_socket(1836) write_socket(6,85) [1998/10/05 09:20:48, 6] lib/util.c:write_socket(1839) write_socket(6,85) wrote 85 [1998/10/05 09:20:48, 10] lib/util.c:read_smb_length_return_keepalive(2181) got smb length of 185 [1998/10/05 09:20:48, 6] smbd/process.c:process_smb(564) got message type 0x0 of len 0xb9 [1998/10/05 09:20:48, 3] smbd/process.c:process_smb(565) Transaction 2 of length 189 [1998/10/05 09:20:48, 5] lib/util.c:show_msg(996) size=185 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=3 [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1002) smb_tid=0 smb_pid=51966 smb_uid=100 smb_mid=0 smt_wct=13 [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[0]=117 (0x75) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[1]=151 (0x97) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[2]=61440 (0xF000) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[3]=50 (0x32) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[4]=0 (0x0) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[5]=30534 (0x7746) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[6]=0 (0x0) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[7]=24 (0x18) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[8]=24 (0x18) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[9]=0 (0x0) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[10]=0 (0x0) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[11]=212 (0xD4) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1007) smb_vwv[12]=0 (0x0) [1998/10/05 09:20:48, 5] lib/util.c:show_msg(1012) smb_bcc=90 [1998/10/05 09:20:48, 10] lib/util.c:dump_data(4694) [000] F2 95 16 8C 4A 1F 09 88 3C 16 84 06 DC 6F 27 45 ....J... <....o'E [1998/10/05 09:20:48, 10] lib/util.c:dump_data(4702) [010] 2E 17 01 35 6A 88 AF D4 35 BF 9D 6C CF 02 6C 2B ...5j... 5..l..l+ [1998/10/05 09:20:48, 10] lib/util.c:dump_data(4702) [020] 50 2D 36 13 D1 61 B3 40 4C 84 22 1D 8C 28 68 9B P-6..a.@ L."..(h. [1998/10/05 09:20:48, 10] lib/util.c:dump_data(4702) [030] 52 79 61 6E 00 44 41 49 00 57 69 6E 64 6F 77 73 Ryan.DAI .Windows [1998/10/05 09:20:48, 10] lib/util.c:dump_data(4702) [040] 20 4E 54 20 31 33 38 31 00 00 57 69 6E 64 6F 77 NT 1381 ..Window [1998/10/05 09:20:48, 10] lib/util.c:dump_data(4702) [050] 73 20 4E 54 20 34 2E 30 00 00 s NT 4.0 .. [1998/10/05 09:20:48, 3] smbd/process.c:switch_message(402) switch message SMBsesssetupX (pid 30534) [1998/10/05 09:20:48, 3] smbd/reply.c:reply_sesssetup_and_X(567) Domain=[DAI] NativeOS=[Windows NT 1381] NativeLanMan=[] [1998/10/05 09:20:48, 3] smbd/reply.c:reply_sesssetup_and_X(571) sesssetupX:name=[Ryan] [1998/10/05 09:20:48, 6] param/loadparm.c:lp_file_list_changed(1739) lp_file_list_changed() file /etc/smb.conf -> /etc/smb.conf last mod_time: Mon Oct 5 09:19:20 1998 [1998/10/05 09:20:48, 3] libsmb/namequery.c:resolve_wins(482) resolve_name: Attempting wins lookup for name SRV-DAIPDC<0x20> [1998/10/05 09:20:48, 3] lib/util.c:open_socket_in(3276) bind succeeded on port 0 [1998/10/05 09:20:48, 4] libsmb/nmblib.c:debug_nmb_packet(109) nmb packet from 192.188.20.150(137) header: id=24117 opcode=Query(0) response=No header: flags: bcast=No rec_avail=No rec_des=Yes trunc=No auth=No header: rcode=0 qdcount=1 ancount=0 nscount=0 arcount=0 question: q_name=SRV-DAIPDC<20> q_type=32 q_class=1 [1998/10/05 09:20:48, 5] libsmb/nmblib.c:send_udp(705) Sending a packet of len 50 to (192.188.20.150) on port 137 [1998/10/05 09:20:48, 10] lib/util.c:read_udp_socket(1869) read_udp_socket: lastip 192.188.20.150 lastport 137 read: 62 [1998/10/05 09:20:48, 10] libsmb/nmblib.c:parse_nmb(447) parse_nmb: packet id = 24117 [1998/10/05 09:20:48, 5] libsmb/nmblib.c:read_packet(684) Received a packet of len 62 from (192.188.20.150) port 137 [1998/10/05 09:20:48, 4] libsmb/nmblib.c:debug_nmb_packet(109) nmb packet from 192.188.20.150(137) header: id=24117 opcode=Query(0) response=Yes header: flags: bcast=No rec_avail=Yes rec_des=Yes trunc=No auth=Yes header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0 answers: nmb_name=SRV-DAIPDC<20> rr_type=32 rr_class=1 ttl=0 answers 0 char `..... hex 6000C0BC1496 [1998/10/05 09:20:48, 2] libsmb/namequery.c:name_query(291) Got a positive name query response from 192.188.20.150 ( 192.188.20.150 ) [1998/10/05 09:20:50, 3] lib/util.c:open_socket_out(3308) Connecting to 192.188.20.150 at port 139 [1998/10/05 09:20:50, 0] lib/fault.c:fault_report(40) =============================================================== [1998/10/05 09:20:50, 0] lib/fault.c:fault_report(41) INTERNAL ERROR: Signal 11 in pid 30534 (2.0.0-prealpha) Please read the file BUGS.txt in the distribution [1998/10/05 09:20:50, 0] lib/fault.c:fault_report(43) =============================================================== [1998/10/05 09:20:50, 0] lib/util.c:smb_panic(4091) PANIC: internal error [1998/10/05 09:21:03, 2] smbd/server.c:exit_server(405) Closing connections [1998/10/05 09:21:03, 3] smbd/server.c:exit_server(430) Server exit (caught signal) Ryan Koski Management Information Systems Distribution Architects International From e92_jlu at e.kth.se Mon Oct 5 17:01:39 1998 From: e92_jlu at e.kth.se (John Lundbäck) Date: Tue Dec 2 02:24:32 2003 Subject: Mysterious files in users Profile directory Message-ID: <199810051701.TAA00940@quito.e.kth.se> Hi all! I'm not really sure this question is proper here but anyway... Every time a user logs in and out there are some mystical files created in the users Profile directory, these files are named prfxx and prfxx.log What are they for creatures and why do they multiply? One is always 0 bytes the other is exactly 8Kb. How do I get rid of these files? They are beginning to be really annoying (and consuming disk space). Question two is the printer hack described in the NTdom FAQ. I put the line net use lpt1 \\server\printer into my ntlogon.bat file, but this produces an error when it is executed by the client station during the logon sequence. The printing does work though, just wonder if there is something more to know than there appears to be. Regards, John From caesmb at lab2.cc.wmich.edu Mon Oct 5 18:33:05 1998 From: caesmb at lab2.cc.wmich.edu (CAE Samba Admin) Date: Tue Dec 2 02:24:32 2003 Subject: Mysterious files in users Profile directory In-Reply-To: <199810051701.TAA00940@quito.e.kth.se> Message-ID: >Question two is the printer hack described in the NTdom FAQ. I put the line >net use lpt1 \\server\printer into my ntlogon.bat file, but this produces an >error when it is executed by the client station during the logon sequence. The >printing does work though, just wonder if there is something more to know than >there appears to be. try putting "server" in your %windir%\system32\drivers\etc\lmhosts file... Kevin From bpowell at osc.edu Mon Oct 5 18:35:11 1998 From: bpowell at osc.edu (Brian Powell) Date: Tue Dec 2 02:24:32 2003 Subject: Samba as PDC *and* BDC? Message-ID: Is it possible for two unix boxes running the Samba NT domain code to function as primary and backup domain controllers? Replicating the smbpasswd file is pretty trivial with SSH or something, but are there other factors that need to be addressed to make this work? For instance, does the domain SID have to be similar or completely different for the two machines? Thanks! -- Brian Powell http://www.osc.edu/~bpowell/ Senior Systems Analyst, The Ohio Supercomputer Center PGP public key at: "finger -l bpowell@osc.edu" or at the above URL From cartegw at Eng.Auburn.EDU Mon Oct 5 18:52:47 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:32 2003 Subject: Mysterious files in users Profile directory References: <199810051701.TAA00940@quito.e.kth.se> Message-ID: <3619157F.BB62641@eng.auburn.edu> John Lundb?ck wrote: > > > Question two is the printer hack described in the NTdom FAQ. I > put the line net use lpt1 \\server\printer into my ntlogon.bat file, > but this produces an error What is the error message? j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From cartegw at Eng.Auburn.EDU Mon Oct 5 18:55:40 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:32 2003 Subject: Samba as PDC *and* BDC? References: Message-ID: <3619162C.162EBB0@eng.auburn.edu> Brian Powell wrote: > > For instance, does the domain SID have to be similar or completely > different for the two machines? The domain sid would need to be the same. and both machines would need register with the same WINS server. Whichever registered DOMAIN<1b> first would be the PDC. In the case of a failure, once the other Samba PDC could register DOMAIN<1b> with the WINS server, then machines should start looking at this one as the PDC. The domain sid things is standard with NT PDC <-> BDC's now. If you install an NT Server and tell it that it will be a BNDC, it contacts the PDC to get the domain sid -- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From cartegw at Eng.Auburn.EDU Mon Oct 5 19:01:01 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:32 2003 Subject: Samba as PDC *and* BDC? References: Message-ID: <3619176D.8E7202E7@eng.auburn.edu> Hmmm... apparently + tells netscape to send the the mail **even if you not done!!*** Sorry about that. As I was saying, the NT BDC will get the domain sid from the PDC during installation. The only problem I can think of off hand would the be time during which the second Samba PDC is trying to register the <1b> record. This is not guarenteed to work. I'm just making comments off the top of my head. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From MATHOG at seqaxp.bio.caltech.edu Mon Oct 5 20:08:46 1998 From: MATHOG at seqaxp.bio.caltech.edu (MATHOG@seqaxp.bio.caltech.edu) Date: Tue Dec 2 02:24:32 2003 Subject: Redhat 5.1, 2.0.0 alpha, what advantage PAM? Message-ID: <981005130846.20202418@seqaxp.bio.caltech.edu> Hi, It appears that the CVS source builds by default to include PAM support on RedHat 5.1, and there is some very cryptic (for somebody who had never heard of PAM before last week) information in "packaging" about how to configure it, but nothing particular useful about what PAM actually does for you in this situation. Also, while the Makefile has "-lpam" and the .h file doesn't have it undef'd, none of the "pam" files in packaging installed when I did "make install". Which leads me to ask: Is PAM on by default, or not, when you build the CVS tree in Redhat 5.1? Can somebody explain (briefly) why a Samba domain controller, running on RedHat 5.1, would want to use PAM? Previously we've been running 1.9.19 on an SGI, and that worked fine as a primary domain controller pretty much out of the box, well, after a third or fourth read of the NTdomain.txt file, anyway. Conversely, the current 2.0.0 alpha CVS sources build ok, and remote machines can connect to a share using the domain username/password, but none of the workstations in the domain will let a domain user login on the console when the new server is the only one run (becomes the PDC). A zero byte logfile is created, and that's it on the server end. We've fallen back to having the 1.9.19 samba on an SGI server out NFS served user disk, which works, but we'd really like to get the SGI out of the loop. Thanks, David Mathog mathog@seqaxp.bio.caltech.edu Manager, sequence analysis facility, biology division, Caltech From MATHOG at seqaxp.bio.caltech.edu Mon Oct 5 22:37:47 1998 From: MATHOG at seqaxp.bio.caltech.edu (MATHOG@seqaxp.bio.caltech.edu) Date: Tue Dec 2 02:24:32 2003 Subject: Redhat 5.1, 2.0.0 alpha, what advantage PAM? Message-ID: <981005153747.20202418@seqaxp.bio.caltech.edu> In response to a reply from Luke Kenneth Casson Leighton I'm forwarding this information here. I hope this isn't out of bounds for this group. >david, information like this really needs an smb.conf file to accompany >it, to get any sensible answers out of people. Sorry, I was trying to keep it short. Does it help any if I add that I just moved the smb.conf file from the working 1.9.19 SGI system to the 2.0.0 Linux system? (And edited one line, see below). I assumed that it would be upwardly compatible, and testparm didn't have any problems with it, but as I stated, the 2.0.0 alpha wouldn't allow logins from the WNT 4 sp3 workstations (but would allow mounts of shares.) The outputs from testparm look about the same on both systems. (Full smb.conf, and outputs from testparm on both platforms follows my signature.) On the SGI, testparm shows: domain logons = Yes os level = 33 preferred master = Yes domain master = Yes and on Linux: domain controller = No <---- this refers to an NT controller, which we don't have domain logons = Yes os level = 33 preferred master = Yes local master = Yes domain master = Yes Looks about the same to me. The only change I made in smb.conf was to the netlogon path, since the name of the disk was different on Linux, but the structure was identical. There's no /etc/pam.d/samba file now. If one is required, why doesn't make install put one in??? Thanks, David Mathog mathog@seqaxp.bio.caltech.edu Manager, sequence analysis facility, biology division, Caltech ********** output of testparms on SGI 1.9.19 alpha **************** Load smb config files from /usr/samba/lib/smb.conf Processing section "[homes]" Processing section "[printers]" Processing section "[netlogon]" Loaded services file OK. Press enter to see a dump of your service definitions # Global parameters security = USER encrypt passwords = Yes log file = /usr/samba/var/log.%m max log size = 50 socket options = TCP_NODELAY printcap name = /usr/samba/printcap logon script = scripts\%U.bat domain logons = Yes os level = 33 preferred master = Yes domain master = Yes wins server = 131.215.51.51 comment = Samba %v printing = bsd print command = /usr/samba/bin/sambalp %p %s %U %m [homes] comment = Home Directories read only = No browseable = No [printers] comment = All Printers path = /usr/tmp create mask = 0700 guest ok = Yes print ok = Yes browseable = No [netlogon] path = /gander/usr/netlogon [lp] comment = LPS17 via seqaxp TEXT only path = /usr/tmp read only = No create mask = 0700 guest ok = Yes print ok = Yes printer name = lp share modes = No oplocks = No [lps] comment = LPS17 via seqaxp Postscript only path = /usr/tmp read only = No create mask = 0700 guest ok = Yes print ok = Yes printer name = lps share modes = No oplocks = No ********** output of testparms on Linux box, 2.0.0alpha **************** Load smb config files from /usr/local/samba/lib/smb.conf Processing section "[homes]" Processing section "[printers]" Processing section "[netlogon]" Loaded services file OK. Press enter to see a dump of your service definitions # Global parameters workgroup = SAF netbios name = netbios aliases = server string = Samba 2.0.0-prealpha interfaces = bind interfaces only = No security = USER encrypt passwords = Yes update encrypted = No use rhosts = No null passwords = No password server = smb passwd file = /usr/local/samba/private/smbpasswd hosts equiv = root directory = / passwd program = /usr/local/samba/bin/smbpasswd passwd chat = *old*password* %o\n *new*password* %n\n *new*password* %n\n *changed* passwd chat debug = No username map = password level = 0 username level = 0 unix password sync = No log level = 2 syslog = 1 syslog only = No log file = /usr/local/samba/var/log.%m max log size = 50 timestamp logs = Yes protocol = NT1 read bmpx = Yes read raw = Yes write raw = Yes networkstation user login = No nt smb support = Yes announce version = 4.2 announce as = NT max mux = 50 max xmit = 65535 name resolve order = lmhosts host wins bcast max packet = 65535 max ttl = 259200 max wins ttl = 518400 min wins ttl = 21600 time server = No change notify timeout = 60 deadtime = 0 getwd cache = Yes keepalive = 300 lpq cache time = 10 max disk size = 0 read prediction = No read size = 16384 shared mem size = 1048576 socket options = TCP_NODELAY stat cache size = 50 load printers = Yes printcap name = /usr/local/samba/printcap printer driver file = /usr/local/samba/lib/printers.def strip dot = No character set = mangled stack = 50 coding system = client code page = 850 stat cache = Yes domain sid = domain groups = domain controller = No domain admin group = domain guest group = domain admin users = domain guest users = machine password timeout = 604800 logon script = scripts\%U.bat logon path = \\%N\%U\profile logon drive = logon home = \\%N\%U domain logons = Yes os level = 33 lm announce = Auto lm interval = 60 preferred master = Yes local master = Yes domain master = Yes browse list = Yes dns proxy = Yes wins proxy = No wins server = 131.215.51.51 wins support = No kernel oplocks = No ole locking compatibility = Yes smbrun = /usr/local/samba/bin/smbrun config file = preload = lock dir = /usr/local/samba/var/locks default service = message command = dfree command = valid chars = remote announce = remote browse sync = socket address = 0.0.0.0 homedir map = time offset = 0 unix realname = No NIS homedir = No panic action = comment = Samba %v path = alternate permissions = No revalidate = No username = guest account = nobody invalid users = valid users = admin users = read list = write list = force user = force group = read only = Yes create mask = 0744 force create mode = 00 directory mask = 0755 force directory mode = 00 guest only = No guest ok = No only user = No hosts allow = hosts deny = status = Yes max connections = 0 min print space = 0 strict sync = No sync always = No print ok = No postscript = No printing = bsd print command = /usr/local/samba/bin/sambalp %p %s %U %m lpq command = lpq -P%p lprm command = lprm -P%p %j lppause command = lpresume command = queuepause command = queueresume command = printer name = printer driver = NULL printer driver location = default case = lower case sensitive = No preserve case = Yes short preserve case = Yes mangle case = No mangling char = ~ hide dot files = Yes delete veto files = No veto files = hide files = veto oplock files = map system = No map hidden = No map archive = Yes mangled names = Yes mangled map = browseable = Yes blocking locks = Yes fake oplocks = No locking = Yes oplocks = Yes strict locking = No share modes = Yes copy = include = exec = postexec = root preexec = root postexec = available = Yes volume = fstype = Samba set directory = No wide links = Yes follow symlinks = Yes dont descend = magic script = magic output = delete readonly = No dos filetimes = No dos filetime resolution = No fake directory create times = No [homes] comment = Home Directories read only = No browseable = No [printers] comment = All Printers path = /usr/tmp create mask = 0700 guest ok = Yes print ok = Yes browseable = No [netlogon] path = /u1/usr/netlogon ********* smb.conf file, used on both machines ***************************************** ; Configuration file for smbd. ; ============================================================================ ; For the format of this file and comprehensive descriptions of all the ; configuration option, please refer to the man page for smb.conf(5). ; This is a sample configuration for IRIX 6.x systems ; ; The following configuration should suit most systems for basic usage and ; initial testing. It gives all clients access to their home directories and ; /usr/tmp and allows access to all printers returned by lpstat. ; [global] comment = Samba %v workgroup = SAF encrypt passwords = yes printing = BSD ; ; The default for printcap name is lpstat which will export all printers. ; If you want to limit the printers that are visible to clients, you can ; use a printcap file. The script mkprintcap.sh will create a printcap ; file that contains all your printers. Edit this file to only contain the ; printers that you wish to be visible. Names longer than 15 characters ; in the printcap file will not be visible to clients. ; printcap name = /usr/local/samba/printcap ; ; If you are using Impressario 1.x then you'll want to use the ; sambalp script provided with this package. It works around ; a problem in the PostScript generated by the standard Windows ; drivers--there is a check to verify sufficient virtual memory ; is available in the printer to print the job, but this fails ; under Impressario because of a bug in Impressario 1.x. The sambalp ; script strips out the vmstatus check. BTW, when using this ; setup to print be sure to configure a Windows printer driver ; that generates PostScript--QMS-PS 810 is one that should work ; with the sambalp script. This version of sambalp (if installed ; as a setuid script - see the comments at the beginning of the ; script) will setuid to the username if valid on the system. This ; makes the banner pages print the proper username. You can disable ; the PostScript fixes by changing a variable in sambalp. ; print command = /usr/local/samba/bin/sambalp %p %s %U %m ; print command = /usr/bin/lp -c -d%p -t"%U on machine %m" %s ; rm %s load printers = yes guest account = nobody browseable = yes ; this tells Samba to use a separate log file for each machine ; that connects - default is single file named /usr/samba/var/log.smb log file = /usr/local/samba/var/log.%m ; Set a max size for log files in Kb max log size = 50 ; You will need a world readable lock directory and "share modes=yes" ; if you want to support the file sharing modes for multiple users ; of the same files locking = yes lock directory = /usr/local/samba/var/locks share modes = yes ; needed for user authentication from workstations security = user ; You need to test to see if this makes a difference on your system socket options = TCP_NODELAY ; Set the os level to > 32 if there is no NT server for your workgroup os level = 33 preferred master = yes domain master = yes local master = yes ; wins support = yes wins server = 131.215.51.51 ; ; for linux, set an interface ; ; interfaces = 131.215.52.42/255.255.255.0 preserve case = yes short preserve case = yes ; ; bits to enable authentication for remote WNT workstations ; domain logons = yes logon script = scripts\%U.bat [homes] comment = Home Directories browseable = no writable = yes ; To allow Win95 clients to automatically load printer drivers, uncomment ; the following section (and the lines in the printers section below). ; Run the make_printerdef command to create the /usr/samba/lib/printers.def ; file (see the PRINTER_DRIVER.txt file in the docs directory for info). ; Copy all the required files to the /usr/samba/printer directory ; ;[printer$] ; comment = printer driver directory ; path=/usr/samba/printer ; public=yes ; writable=no ; browseable=yes [printers] comment = All Printers path = /usr/tmp browseable = no printable = yes public = yes writable = no create mask = 0700 ; ; profiles, for roaming users ; [netlogon] path = /u1/usr/netlogon writeable = no guest ok = no ; ; this specifies the location of the share containing the printer driver ; files - see the printer$ section above ; ; printer driver location = \\%h\printer$ ; ; the following line will make all printers default to the QMS-PS 810 Turbo ; driver - which works quite well for Impressario. If you need a diferent ; driver for a specific printer, create a section for that printer and ; specify the correct printer driver. ; ; printer driver = QMS-PS 810 Turbo ;[tmp] ; comment = Temporary file space ; path = /usr/tmp ; read only = no ; public = yes From shui at pointsnorth.com Mon Oct 5 23:18:26 1998 From: shui at pointsnorth.com (shui@pointsnorth.com) Date: Tue Dec 2 02:24:32 2003 Subject: How to add NT workstation to Samba controlled domain? Message-ID: <87256694.00799E32.00@yxepna01.pointsnorth.com> Hello all, I've fetched the latest CVS Samba code on Monday, October 5 and successfully built and installed the system. When I tried to add NT workstation to Samba controlled domain, I encountered a problem. The Samba NTDOM FAQ said that I need to create an account in /etc/passwd for the username . However, all the PCs in our network are getting the address via DHCP. The IP address is different for every reboot and basically there is no hostnames registered i n the DNS at all. My question is: Should I just add the hostname of the machine as defined in the PC's configuration: control panel-> network section? What is the use of defining the hostname$ in the /etc/passwd? What is it checked against? Last but not least, I would like to thank the Samba team for the great work you've done. Any comment, advice, pointer ...etc. would be greatly appreciated. Thanks a lot! Sandie From BARTH at cck.uni-kl.de Tue Oct 6 07:30:55 1998 From: BARTH at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:24:32 2003 Subject: How to add NT workstation to Samba controlled domain? Message-ID: <760F4A3103@novell-fbk1.mv.uni-kl.de> > Should I just add the hostname of the machine as defined in the PC's > configuration: control panel-> > network section? As far as I know: Yes > What is the use of defining the hostname$ in the /etc/passwd? What is it > checked against? NT uses the same identification mechanism for users and for machines in a domain. So you need an machine entery in /../../smbpasswd. smbpasswd is part of the NT-RID <-> Unix-ID translation and it has to be ensured that this is unique. So every entery in smbpasswd needs one in passwd. Christian From fedor at _NOSPAM_topmail.de Tue Oct 6 10:05:28 1998 From: fedor at _NOSPAM_topmail.de (Fedor A. Seidler) Date: Tue Dec 2 02:24:32 2003 Subject: subscribe Message-ID: <3619EB68.B27EA523@topmail.de> subscribe Thank You! Fedor Seidler. From greg.mitchell at sdrc.com Tue Oct 6 15:50:58 1998 From: greg.mitchell at sdrc.com (Greg Mitchell) Date: Tue Dec 2 02:24:32 2003 Subject: Directory permission Message-ID: <01BDF106.70588870@STARBUCKS> Samba-NT, I am using samba-1.9.18p10 and I am having difficulty with setting up password protection. I would like to use Samba as a simple file server for file sharing and backups. I was wanting to make the smb.conf read only and just manage the passwords manually. The users do not know Unix or want to deal with a separate password utility. I would like to make the top level directory readable to all and have some level of permissions below the top level, user and maybe group. I have a user created with the passwd/user_name the same on both the PC and Unix. Could someone be so kind as to show me the error of my ways. Here is a smb.conf that I have been working with but it is not accessable to anyone. Having "guest account = guest" is too open. Thank you in advance, Greg [global] dns proxy = yes interfaces = 156.132.185.181 workgroup = WORKGROUP read raw = yes write raw = yes security = user encrypt passwords = no password level = 2 username level = 2 domain logons = yes max log size = 50000 debug level = 20 syslog only = no load printers = yes status = yes browseable = yes allow hosts = 156.132.185. follow symlinks = yes log file = /opt/samba/log/log.%m ################## [shared] comment = shared_files path = /user/shared_files browseable = yes writable = no public = yes [new] comment = new origin files path = /user/new_files writable = no browseable = yes public = yes read only = yes [project] comment = project path = /user/project valid users = ntuser #ntuser account = ntuser writable = no browseable = yes public = yes read only = no [esc_users] comment = ESC User Directories path = /users/esc_users writable = yes browseable = yes public = yes read only = no [esc_shared] comment = ESC Shared Directories path = /users/esc_shared writable = yes browseable = yes public = yes read only = yes [ntuser] comment = ntuser path = /user/esc_users/ntuser valid users = ntuser browseable = yes writable = yes write list = %S public = yes read only = yes [bella] comment = Ed Silva's Laptop path = /tmp valid users = ed browseable = yes writable = yes public = yes read only = yes From cartegw at Eng.Auburn.EDU Tue Oct 6 17:54:18 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:32 2003 Subject: Directory permission References: <01BDF106.70588870@STARBUCKS> Message-ID: <361A594A.5A4C98A7@eng.auburn.edu> Greg, Please direct questions not related to Samba PDC support or security=domain to the main samba mailing list. See http://samba.anu.edu.au/listproc for more info. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From Stephan.Wuelfert at fh-hof.de Wed Oct 7 12:34:07 1998 From: Stephan.Wuelfert at fh-hof.de (Stephan =?iso-8859-1?Q?Wülfert?=) Date: Tue Dec 2 02:24:32 2003 Subject: Samba as BDC Message-ID: <199810071157.NAA25009@fhh-rz3.fh-hof.de> Hello all, we have a NT-Server running here (PDC). Also we have several Linux-Servers. Our main problem is that we manually must create every account on the Linux/Samba-servers AND on the NT-Server. Only one question : ;-) The PDC/BDC-replication is that what we need. Is this function near or far in the future? Maybe I can help to complete that function. We have a bit trouble because we move to a new building, but in two or three weeks it should be over. by ---------------------------------------------------------------------------- Stephan W?lfert Rechenzentrum Fachhochschule Hof E-Mail: Stephan.Wuelfert@fh-hof.de Telefon: 09281 / 40 93 09 ---------------------------------------------------------------------------- From jamest at math.ksu.edu Wed Oct 7 16:14:27 1998 From: jamest at math.ksu.edu (James Thompson) Date: Tue Dec 2 02:24:32 2003 Subject: Profiles Message-ID: Hello, I'm needing to connect NT4 workstation to Solaris 2.6 for file and password sharing. I'm running an image of the CVS code from Monday and *almost* have everything working the way I want. Except.... Profiles: I've been through the archive, faq, docs, examples, etc. No luck. I saw someone mention something about NT not creating its profile dirs on the samba host and that it must be done manually, they referenced a previos email for more details that I couldn't find. I created a profile and profile.pds in my home dir. This stopped the cannont create dir error on the NT client but now it claims roving profiles are not available and a local copy will be used instead. I've tried the logon path in users home dirs, I've tried the Profiles share, I'm sure it something I just overlooking. Heres some snips of my smb.conf file. This contains parts of other solutions found in the archive. I really don't like the writable = yes guest ok = yes in the profiles share but it was posted as a solution somewhere. [global] security = user socket options = TCP_NODELAY local master = yes domain master = yes preferred master = yes domain logons = yes wins support = yes dns proxy = yes encrypt passwords = yes logon path = \\noether\Profiles\%U\profile logon home = \\noether\%U logon drive = h: logon script = network.bat #============================ Share Definitions ============================== [Profiles] path = /usr/local/samba.nt/samba/profiles browseable = yes guest ok = yes writable = yes case sensitive = no preserve case = yes [homes] comment = Home Directories browseable = no writable = yes TIA ->->->->->->->->->->->->->->->->->->---<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-< James Thompson 138 Cardwell Hall Manhattan, Ks 66506 785-532-0561 Kansas State University Department of Mathematics ->->->->->->->->->->->->->->->->->->---<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-< From shui at pointsnorth.com Wed Oct 7 17:08:21 1998 From: shui at pointsnorth.com (shui@pointsnorth.com) Date: Tue Dec 2 02:24:32 2003 Subject: EMERGENCY: User profile for Win98 domain logon lost after upgrade to Oct 5 CVS code Message-ID: <87256696.005CABA0.00@yxepna01.pointsnorth.com> Hello all, I'm in very big big trouble here. In an attempt to enable domain logon for NT workstations as well, I fetched the CVS code on Oct 5, 98. I successful built it with no error. I copied the smb.conf from a workable Sambav1.9.18p8 to the Samba2.0alpha. Then I started the smbd and nmbd of Samba2.0alpha. I rebooted one of the Windows 98 (which used to be working happily with Samba1.9.18p8). I can do a domain logon. However, Samba log showed that it attempts to perform the netlogon but for a short while, everything is disconnected. A net use on the Windows98 workstation showed that service netlogon was disconnected. Other services didn't even show up on the output of net use. Strange enough, the Windows 98 then tries to look for the policy file which it never will in Samba1.9.18p8. I'm forced to fall back to 1.9.18p8. Could some one please provide assistance on why that happens? I don't even have a chance to test the domain logon on NT yet. The Oct 5 CVS code doesn't seem to be working with Windows 98 yet. Anyone has a similar experience before. I'll greatly appreciate for any comment or advise. I'm in urgent need to solve this problem. Thanks a lot for your help! Below please find the smb.conf and extract from smb.log. I'm sorry if the message is real long 'cause I set the debug level to 10. By the way, from the error message, the server keeps complaining about my second printer and said "Couldn't find printers". Why? Sandie ------- SMB.CONF ------ workgroup = yyctpa server string = Calgary, 'B' Agency Server security = user password level = 2 domain controller=yes domain logons = yes preferred master=yes domain master=yes wins support=yes logon script = %U.bat debug level = 10 encrypt passwords = yes unix password sync = yes passwd program = /bin/nispasswd %u passwd chat = *New\spassword* %n\n *enter\snew\spassword* %n\n *password*changed* . [netlogon] path = /usr/local/samba2.0a/samba/netlogon writeable = no guest ok = no root preexec = /usr/local/samba2.0a/samba/bin/makelogonscript %U %h [homes] comment = Home Directories browseable = no writeable = no write list = %S [ibmlaser] printable = yes comment = "IBM Laser Printer" public = yes browseable = yes printer name = print01 path = /tmp [lexmark] printable = yes comment = "LexMark Laser Printer" public = yes browseable = yes printer name = print02 path = /tmp ------- SMB.LOG ------ 1998/10/07 08:27:19, 1] smbd/service.c:make_connection(482) yyctpa1f (204.50.11.40) connect to service netlogon as user testuser (uid=1001 , gid=10) (pid 1212) [1998/10/07 08:27:19, 1] smbd/service.c:make_connection(482) yyctpa1f (204.50.11.40) connect to service netlogon as user testuser (uid=1001 , gid=10) (pid 1215) [1998/10/07 08:27:20, 1] smbd/service.c:make_connection(482) yyctpa1f (204.50.11.40) connect to service netlogon as user testuser (uid=1001 , gid=10) (pid 1218) 1998/10/07 08:29:19, 1] smbd/service.c:make_connection(482) yyctpa1f (204.50.11.40) connect to service netlogon as user testuser (uid=1001 , gid=10) (pid 1245) [1998/10/07 08:29:23, 1] smbd/service.c:make_connection(482) yyctpa1f (204.50.11.40) connect to service netlogon as user testuser (uid=1001 , gid=10) (pid 1248) [1998/10/07 08:32:47, 1] smbd/service.c:make_connection(482) yyctpa1f (204.50.11.40) connect to service ibmlaser as user testuser (uid=1001 , gid=10) (pid 1254) doing parameter encrypt passwords = yes doing parameter unix password sync = yes doing parameter passwd program = /bin/nispasswd %u doing parameter passwd chat = *New\spassword* %n\n *enter\snew\spassword* %n\n *password*changed* . [1998/10/07 08:36:40, 2] param/loadparm.c:do_section(2154) Processing section "[netlogon]" doing parameter path = /usr/local/samba2.0a/samba/netlogon doing parameter writeable = no doing parameter guest ok = no doing parameter root preexec = /usr/local/samba2.0a/samba/bin/makelogonscript %U %h [1998/10/07 08:36:40, 2] param/loadparm.c:do_section(2154) Processing section "[ibmlaser]" doing parameter printable = yes doing parameter comment = "IBM Laser Printer" doing parameter public = yes doing parameter browseable = yes doing parameter printer name = print01 doing parameter path = /tmp [1998/10/07 08:36:40, 2] param/loadparm.c:do_section(2154) Processing section "[lexmark]" doing parameter printable = yes doing parameter comment = "LexMark Laser Printer" doing parameter public = yes doing parameter browseable = yes doing parameter printer name = print02 doing parameter path = /tmp [1998/10/07 08:36:40, 3] param/loadparm.c:lp_load(2476) pm_process() returned Yes [1998/10/07 08:36:40, 3] param/loadparm.c:lp_add_ipc(1450) adding IPC service [1998/10/07 08:36:40, 7] param/loadparm.c:lp_servicenumber(2554) lp_servicenumber: couldn't find printers [1998/10/07 08:36:40, 7] param/loadparm.c:lp_servicenumber(2554) lp_servicenumber: couldn't find printers (*** This lines keep repeating for a number of times -- SKIP **) [1998/10/07 08:37:40, 6] param/loadparm.c:lp_file_list_changed(1739) lp_file_list_changed() file /usr/local/samba2.0a/samba/lib/smb.conf -> /usr/local/samba2.0a/samba/lib /smb.conf last mod_time: Wed Oct 7 08:36:25 1998 [1998/10/07 08:37:47, 6] param/loadparm.c:lp_file_list_changed(1739) lp_file_list_changed() file /usr/local/samba2.0a/samba/lib/smb.conf -> /usr/local/samba2.0a/samba/lib /smb.conf last mod_time: Wed Oct 7 08:36:25 1998 [1998/10/07 08:37:56, 10] lib/util.c:read_smb_length_return_keepalive(2181) got smb length of 35 [1998/10/07 08:37:56, 6] smbd/process.c:process_smb(564) got message type 0x0 of len 0x23 [1998/10/07 08:37:56, 3] smbd/process.c:process_smb(565) Transaction 8 of length 39 [1998/10/07 08:37:56, 5] lib/util.c:show_msg(996) size=35 smb_com=0x71 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=0 [1998/10/07 08:37:56, 5] lib/util.c:show_msg(1002) smb_tid=2 smb_pid=6595 smb_uid=100 smb_mid=4609 smt_wct=0 [1998/10/07 08:37:56, 5] lib/util.c:show_msg(1012) smb_bcc=0 [1998/10/07 08:37:56, 3] smbd/process.c:switch_message(402) switch message SMBtdis (pid 1254) [1998/10/07 08:37:56, 1] smbd/service.c:close_cnum(508) yyctpa1f (204.50.11.40) closed connection to service ibmlaser [1998/10/07 08:37:56, 3] smbd/connection.c:yield_connection(40) Yielding connection to ibmlaser [1998/10/07 08:37:56, 3] smbd/connection.c:yield_connection(40) Yelding connection to STATUS. 1998/10/07 08:37:56, 8] lib/util.c:fcntl_lock(4339) fcntl_lock 10 35 0 1 2 [1998/10/07 08:37:56, 8] lib/util.c:fcntl_lock(4400) Lock call successful [1998/10/07 08:37:56, 8] lib/util.c:fcntl_lock(4339) fcntl_lock 10 35 0 1 3 [1998/10/07 08:37:56, 8] lib/util.c:fcntl_lock(4400) Lock call successful [1998/10/07 08:37:56, 6] lib/util.c:write_socket(1839) write_socket(7,39) wrote 39 [1998/10/07 08:37:56, 3] smbd/process.c:smbd_process(806) end of file from client [1998/10/07 08:37:56, 2] smbd/server.c:exit_server(405) Closing connections [1998/10/07 08:37:56, 3] smbd/server.c:exit_server(430) Server exit (normal exit) (*** The whole process repeats until yielding all connections ***) 1998/10/07 08:38:21, 3] smbd/process.c:switch_message(402) switch message SMBtdis (pid 1233) [1998/10/07 08:38:21, 3] smbd/service.c:close_cnum(508) yyctpa06 (204.50.11.6) closed connection to service IPC$ [1998/10/07 08:38:21, 3] smbd/connection.c:yield_connection(40) Yielding connection to IPC$ Changed root to / [1998/10/07 08:38:42, 3] smbd/oplock.c:open_oplock_ipc(50) open_oplock_ipc: opening loopback UDP socket. [1998/10/07 08:38:42, 3] lib/util.c:open_socket_in(3276) bind succeeded on port 0 [1998/10/07 08:38:42, 3] smbd/oplock.c:open_oplock_ipc(75) open_oplock ipc: pid = 1359, global_oplock_port = 58070 [1998/10/07 08:38:42, 3] smbd/process.c:smbd_process(755) priming nmbd 1998/10/07 08:38:57, 0] smbd/process.c:smbd_process(838) Reloading services after SIGHUP [1998/10/07 08:38:57, 5] param/loadparm.c:free_service(1320) free_service: Freeing service netlogon [1998/10/07 08:38:57, 5] param/loadparm.c:free_service(1320) free_service: Freeing service homes [1998/10/07 08:38:57, 5] param/loadparm.c:free_service(1320) free_service: Freeing service notes [1998/10/07 08:38:57, 5] param/loadparm.c:free_service(1320) free_service: Freeing service root [1998/10/07 08:38:57, 5] param/loadparm.c:free_service(1320) free_service: Freeing service software From jmeff at engsoc.queensu.ca Wed Oct 7 17:31:58 1998 From: jmeff at engsoc.queensu.ca (Jamie ffolliott) Date: Tue Dec 2 02:24:32 2003 Subject: Profiles In-Reply-To: Message-ID: <000101bdf218$62de13a0$0245a8c0@dagobah.cgocable.net> Here is our configuration, which works with one of the 1.19pre-alpha snapshots. Roaming profiles & policies & NT PDC functionality is working fine. security = user socket options = TCP_NODELAY local master = yes os level = 63 domain master = yes preferred master = yes domain logons = yes wins support = yes dns proxy = no encrypt passwords = yes logon script = logon.bat logon path = \\%L\profiles\%U logon drive = h: logon home = \\%L\home\%U # Share definitions [home] comment = Home directories browseable = yes writable = yes path = /home hide dot files = yes [profiles] path = /home/profiles browseable = no guest ok = yes directory mask = 0700 [netlogon] path = /home/netlogon guest ok = yes writable = no share modes = no locking = no case sensitive = no Jamie > -----Original Message----- > From: samba-ntdom@samba.anu.edu.au > [mailto:samba-ntdom@samba.anu.edu.au]On Behalf Of James Thompson > Sent: October 7, 1998 12:15 PM > To: Multiple recipients of list > Subject: Profiles > > > ->->->->->->->->->->->->->->->->->->---<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-< > James Thompson 138 Cardwell Hall Manhattan, Ks 66506 > 785-532-0561 > Kansas State University Department of Mathematics > ->->->->->->->->->->->->->->->->->->---<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-< > From amol at memcad.com Wed Oct 7 20:07:07 1998 From: amol at memcad.com (Amol Karnik) Date: Tue Dec 2 02:24:32 2003 Subject: make failing on solaris2.5.1 Message-ID: <361BC9EB.C63890E8@memcad.com> hi all, just did an update in the cvs tree today and tried to compile samba, but it failed. this the 2.0preaplha checkout. i configured with all the defaults only...no addition except --prefix. - amol toddy:/amd/amol/admin/samba/samba2.0/samba/source (105)>make Using FLAGS = -g -I/usr/openwin/include -I/usr/dt/include -Iinclude -I./include -I./ubiqx -I./smbwrapper -DSMBLOGFILE="/usr/local/samba/var/log.smb" -DNMBLOGFILE="/usr/local/samba/var/log.nmb" -DCONFIGFILE="/usr/local/samba/lib/smb.conf" -DLMHOSTSFILE="/usr/local/samba/lib/lmhosts" -DSWATDIR="/usr/local/samba/swat" -DSBINDIR="/usr/local/samba/bin" -DLOCKDIR="/usr/local/samba/var/locks" -DSMBRUN="/usr/local/samba/bin/smbrun" -DCODEPAGEDIR="/usr/local/samba/lib/codepages" -DDRIVERFILE="/usr/local/samba/lib/printers.def" -DHAVE_INCLUDES_H -DSMB_PASSWD="/usr/local/samba/bin/smbpasswd" -DSMB_PASSWD_FILE="/usr/local/samba/private/smbpasswd" Using LIBS = -lXm -lXt -lXext -lX11 -lsocket -lnsl Compiling smbd/server.c "/usr/include/sys/acl.h", line 21: invalid type combination "/usr/include/sys/acl.h", line 21: warning: typedef declares no type name "include/proto.h", line 2340: warning: dubious tag declaration: struct stat64 "include/proto.h", line 2341: warning: dubious tag declaration: struct dirent64 "include/proto.h", line 2342: warning: dubious tag declaration: struct kernel_stat cc: acomp failed for smbd/server.c *** Error code 2 make: Fatal error: Command failed for target `smbd/server.o' From jamest at math.ksu.edu Wed Oct 7 21:37:08 1998 From: jamest at math.ksu.edu (James Thompson) Date: Tue Dec 2 02:24:32 2003 Subject: make failing on solaris2.5.1 In-Reply-To: <361BC9EB.C63890E8@memcad.com> Message-ID: On Thu, 8 Oct 1998, Amol Karnik wrote: > hi all, > > just did an update in the cvs tree today and tried to compile samba, but > it failed. > this the 2.0preaplha checkout. > I experienced the a similar problem with a cvs update today on Solaris 2.5.1 Here's my 10 second, just try something to make it work solution go to http://samba.anu.edu.au/cgi-bin/cvsweb/samba/source/include/ and download the 1.410 version proto.h It's compiliing without errors now as I type this letter. Of course I have 0 seconds of research into what changed between 1.411 and 1.410 so use at your own risk. :-) ->->->->->->->->->->->->->->->->->->---<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-< James Thompson 138 Cardwell Hall Manhattan, Ks 66506 785-532-0561 Kansas State University Department of Mathematics ->->->->->->->->->->->->->->->->->->---<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-< From samuel at public.szonline.net Thu Oct 8 00:33:48 1998 From: samuel at public.szonline.net (Samuel Leo) Date: Tue Dec 2 02:24:32 2003 Subject: smbwrapper problem Message-ID: <361C086C.5792E7FB@public.szonline.net> I meet two problem with smbwrapper: 1. smbwrapper can write to a win95&nt server, but failed to a samba server. 2. "cvs update -d -P" don't work with smbwrapper. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 2481 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.samba.org/archive/samba-ntdom/attachments/19981008/c307a585/smime.bin From tridge at samba.anu.edu.au Thu Oct 8 00:38:38 1998 From: tridge at samba.anu.edu.au (Andrew Tridgell) Date: Tue Dec 2 02:24:32 2003 Subject: make failing on solaris2.5.1 In-Reply-To: <361BC9EB.C63890E8@memcad.com> (message from Amol Karnik on Thu, 8 Oct 1998 06:14:21 +1000) References: <361BC9EB.C63890E8@memcad.com> Message-ID: <19981008003842Z12670082-20449+15433@samba.anu.edu.au> > just did an update in the cvs tree today and tried to compile samba, but > it failed. > this the 2.0preaplha checkout. > "include/proto.h", line 2340: warning: dubious tag declaration: struct > stat64 > ... yep, sorry about that, it was my fault. I had forgotten to run "make proto" and when luke ran it and committed the result (not lukes fault, btw) it broke because I had not marked those functions for no-prototype. fixed now. From tridge at samba.anu.edu.au Thu Oct 8 01:18:34 1998 From: tridge at samba.anu.edu.au (Andrew Tridgell) Date: Tue Dec 2 02:24:32 2003 Subject: smbwrapper problem In-Reply-To: <361C086C.5792E7FB@public.szonline.net> (message from Samuel Leo on Thu, 8 Oct 1998 10:40:22 +1000) References: <361C086C.5792E7FB@public.szonline.net> Message-ID: <19981008011840Z12670333-20449+15454@samba.anu.edu.au> > I meet two problem with smbwrapper: > 1. smbwrapper can write to a win95&nt server, > but failed to a samba server. - using what tool? - what error? - does SMBW_DEBUG=4 reveal anything? > 2. "cvs update -d -P" don't work with smbwrapper. I'll look into it. From tridge at samba.anu.edu.au Thu Oct 8 01:28:32 1998 From: tridge at samba.anu.edu.au (Andrew Tridgell) Date: Tue Dec 2 02:24:32 2003 Subject: smbwrapper problem In-Reply-To: <361C086C.5792E7FB@public.szonline.net> (message from Samuel Leo on Thu, 8 Oct 1998 10:40:22 +1000) References: <361C086C.5792E7FB@public.szonline.net> Message-ID: <19981008012837Z12670399-7510+15528@samba.anu.edu.au> > 2. "cvs update -d -P" don't work with smbwrapper. I've fixed it. It was a problem with fchdir(). From samuel at public.szonline.net Thu Oct 8 02:56:19 1998 From: samuel at public.szonline.net (Samuel Leo) Date: Tue Dec 2 02:24:32 2003 Subject: smbwrapper problem References: <361C086C.5792E7FB@public.szonline.net> <19981008011840Z12670333-20449+15454@samba.anu.edu.au> Message-ID: <361C29D3.2B969BBB@public.szonline.net> > > I meet two problem with smbwrapper: > > 1. smbwrapper can write to a win95&nt server, > > but failed to a samba server. > - using what tool? > - what error? > - does SMBW_DEBUG=4 reveal anything? It's samba's fault. Last days ago, I upgrade samba server to latest CVS code. Now I can list directories, but can't read/write any file. This is the log file when I am reading trash.dt using smbclient: [1998/10/08 09:51:18, 3] lib/util.c:(1232) chdir to /usr/local/samba/source [1998/10/08 09:51:18, 5] smbd/uid.c:(343) unbecome_user now uid=(0,0) gid=(0,0) [1998/10/08 09:51:25, 10] lib/util.c:(2181) got smb length of 75 [1998/10/0 smb_tid=18 09:51:25, 6] smbd/process.c:(564) got message type 0x0 of len 0x4b [1998/10/08 09:51:25, 3] smbd/process.c:(565) Transaction 6 of length 79 [1998/10/08 09:51:25, 5] lib/util.c:(996) size=75 smb_com=0x2d smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=1 [1998/10/08 09:51:25, 5] lib/util.c:(1002) smb_tid=1 smb_pid=18319 smb_uid=100 smb_mid=18419 smt_wct=15 [1998/10/08 09:51:25, 5] lib/util.c:(1007) smb_vwv[0]=255 (0xFF) [1998/10/08 09:51:25, 5] lib/util.c:(1007) smb_vwv[1]=0 (0x0) [1998/10/08 09:51:25, 5] lib/util.c:(1007) smb_vwv[2]=1 (0x1) [1998/10/08 09:51:25, 5] lib/util.c:(1007) smb_vwv[3]=64 (0x40) [1998/10/08 09:51:25, 5] lib/util.c:(1007) smb_vwv[4]=6 (0x6) [1998/10/08 09:51:25, 5] lib/util.c:(1007) smb_vwv[5]=6 (0x6) [1998/10/08 09:51:25, 5] lib/util.c:(1007) smb_vwv[6]=0 (0x0) [1998/10/08 09:51:25, 5] lib/util.c:(1007) smb_vwv[7]=0 (0x0) [1998/10/08 09:51:25, 5] lib/util.c:(1007) smb_vwv[8]=1 (0x1) [1998/10/08 09:51:25, 5] lib/util.c:(1007) smb_vwv[9]=0 (0x0) [1998/10/08 09:51:25, 5] lib/util.c:(1007) smb_vwv[10]=0 (0x0) [1998/10/08 09:51:25, 5] lib/util.c:(1007) smb_vwv[11]=65535 (0xFFFF) [1998/10/08 09:51:25, 5] lib/util.c:(1007) smb_vwv[12]=65535 (0xFFFF) [1998/10/08 09:51:25, 5] lib/util.c:(1007) smb_vwv[13]=0 (0x0) chdir to /home/samuel [1998/10/08 09:51:25, 5] lib/util.c:(1007) smb_vwv[14]=0 (0x0) [1998/10/08 09:51:25, 5] lib/util.c:(1012) smb_bcc=10 [1998/10/08 09:51:25, 10] lib/util.c:(4694) [000] 5C 74 72 61 73 68 2E 64 74 00 \trash.d t. [1998/10/08 09:51:25, 3] smbd/process.c:(402) switch message SMBopenX (pid 18528) [1998/10/08 09:51:25, 5] smbd/uid.c:(293) become_user uid=(0,222) gid=(50,50) [1998/10/08 09:51:25, 3] lib/util.c:(1232) chdir to /home/samuel [1998/10/08 09:51:25, 3] lib/util.c:(1191) unix_clean_name [/trash.dt] [1998/10/08 09:51:25, 5] smbd/mangle.c:(335) Checking trash.dt for 8.3 [1998/10/08 09:51:25, 10] smbd/filename.c:(269) stat_cache_lookup: cache miss on trash.dt [1998/10/08 09:51:25, 10] smbd/filename.c:(218) stat_cache_add: Added entry TRASH.DT -> trash.dt [1998/10/08 09:51:25, 5] smbd/filename.c:(432) conversion finished trash.dt -> trash.dt From ken at sdd.hp.com Thu Oct 8 05:49:21 1998 From: ken at sdd.hp.com (Ken Stone) Date: Tue Dec 2 02:24:32 2003 Subject: smbwrapper problem In-Reply-To: Your message of Thu, 08 Oct 1998 13:03:47 +1000. <361C29D3.2B969BBB@public.szonline.net> Message-ID: <199810080549.WAA07974@hpsdlz.sdd.hp.com> > It's samba's fault. Last days ago, I upgrade samba server > to latest CVS code. Now I can list directories, but can't > read/write any file. I'd agree with that ... went from not being able to do anything to being able to list only ... hoses up everything if you try and read/write a file. -- Ken From tridge at samba.anu.edu.au Thu Oct 8 06:18:59 1998 From: tridge at samba.anu.edu.au (Andrew Tridgell) Date: Tue Dec 2 02:24:32 2003 Subject: smbwrapper problem In-Reply-To: <199810080549.WAA07974@hpsdlz.sdd.hp.com> (message from Ken Stone on Thu, 8 Oct 1998 15:52:01 +1000) References: <199810080549.WAA07974@hpsdlz.sdd.hp.com> Message-ID: <19981008061912Z12617391-7510+15613@samba.anu.edu.au> > I'd agree with that ... went from not being able to do anything to > being able to list only ... hoses up everything if you try and > read/write a file. again, I need to know: - what tool are you using to read/write - what does "hoses up everything" mean _exactly_ please, when reporting bugs, think about the poor sod who has to try to reproduce it! Without some detail it's useless. From matthew at janus.law.usyd.edu.au Thu Oct 8 06:55:47 1998 From: matthew at janus.law.usyd.edu.au (Matthew Geier) Date: Tue Dec 2 02:24:32 2003 Subject: rpcclient Message-ID: <199810080655.QAA08198@janus.law.usyd.edu.au> How does this work ?. I cant get any sense out of it.. janus:~/ftp/samba/source/bin> ./rpcclient \\\\janus\\ service: \\janus\ Can't find include file /usr/local/samba/lib/smb.UNKNOWN.conf Can't find include file smb.UNKNOWN.conf Can't find include file /usr/local/samba/lib/smb..conf Can't find include file /usr/local/samba/lib/smb.%G.conf Added interface ip=129.78.136.1 bcast=129.78.136.255 nmask=255.255.255.0 Enter Password: error connecting to 255.255.255.255:139 (No route to host) cli_establish_connection: failed to connect to JANUS<00> (0.0.0.0) rpcclient_connect: connection failed warning: connection could not be established to <20> this version of smbclient may crash if you proceed janus:~/ftp/samba/source/bin> I was hoping to see if rpcclient could get a user list from the server something that ive not been able to do with usermgr.exe even though some people say it works... From karl.deubzer at fueak.bayern.de Thu Oct 8 08:10:07 1998 From: karl.deubzer at fueak.bayern.de (Karl Deubzer) Date: Tue Dec 2 02:24:32 2003 Subject: No subject Message-ID: <361C735F.9BCD8E35@fueak.bayern.de> subscribe From cartegw at Eng.Auburn.EDU Thu Oct 8 12:00:33 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:32 2003 Subject: Profiles References: Message-ID: <361CA960.7E956E4A@eng.auburn.edu> James Thompson wrote: > > ....I created a profile and profile.pds in my home dir. > This stopped the cannont create dir error on the NT client > but now it claims roving profiles are not available and a > local copy will be used instead. > > [global] > logon path = \\noether\Profiles\%U\profile > > [Profiles] > path = /usr/local/samba.nt/samba/profiles > browseable = yes > guest ok = yes This should be 'no' > writable = yes This has to be 'yes' so that the user can update their profile. If you don't want to allow them to change things, look into mandatory profiles. > case sensitive = no > preserve case = yes One thing I am noticing, and someone may correct me on this, but I don't think that NT will create a profile directory more than one level deep. What I mean is that if you have the following [global] logon path = \\%L\profile\%U [profile] path = /export/smb/profile .... Then NT will send a create request to make /export/smb/profile/%U. But if the logon path = \\%L\profile\%U\profile and \\%L\profile\%U does not exist, then it will not make the profile directory because it is 2 levels deep. Try creating this directory using a root prexec script or something and see if that doesn't help. Of course if the directory does exist and your having problems, then my comments are useless :) Hope this helps, j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From lkcl at switchboard.net Thu Oct 8 15:08:03 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:32 2003 Subject: rpcclient In-Reply-To: <199810080655.QAA08198@janus.law.usyd.edu.au> Message-ID: evil_unix_box$ rpcclient -S janus -U [% / admin / user / whatever] Enter Password: xxxxx smb> lsaquery DOMAIN: JANUS_DOMAIN_MEMBER SID: S-1-5-21-xxxx-xxx-xxx DOMAIN: JANUS_DOMAIN_NAME SID: S-1-5-21-xxxx-xxx-xxx smb> enumusers -g -u lots of user info smb> exit On Thu, 8 Oct 1998, Matthew Geier wrote: > How does this work ?. I cant get any sense out of it.. > janus:~/ftp/samba/source/bin> ./rpcclient \\\\janus\\ > service: \\janus\ > Can't find include file /usr/local/samba/lib/smb.UNKNOWN.conf > Can't find include file smb.UNKNOWN.conf > Can't find include file /usr/local/samba/lib/smb..conf > Can't find include file /usr/local/samba/lib/smb.%G.conf > Added interface ip=129.78.136.1 bcast=129.78.136.255 nmask=255.255.255.0 > Enter Password: > error connecting to 255.255.255.255:139 (No route to host) > cli_establish_connection: failed to connect to JANUS<00> (0.0.0.0) > rpcclient_connect: connection failed > warning: connection could not be established to <20> > this version of smbclient may crash if you proceed > janus:~/ftp/samba/source/bin> > > I was hoping to see if rpcclient could get a user list from the server > something that ive not been able to do with usermgr.exe even though > some people say it works... i say it works. if i'm a liar, send me a text printout of a netmon trace and i'll _fix_ it! From caesmb at lab2.cc.wmich.edu Thu Oct 8 15:19:12 1998 From: caesmb at lab2.cc.wmich.edu (CAE Samba Admin) Date: Tue Dec 2 02:24:32 2003 Subject: Mandatory Profiles Message-ID: Hello, I have a few questions that I need clarification on after reading in docs, man pages, and faq regarding mandatory profiles. I run a few computer labs with a total of about 120 computers. I would like each computer and thus each user to all use one profile for ease of maintanence. First off, is this the way to do mandatory profiles? I mean, do I point "logon path" and a non variable location? Also, is it okay to have this location be read only? I tried doing this. I copied an exisiting "Default User" profile to a read only samba share, renamed the dat's to man's, and set the logon path to point to this share. However, after doing this, the policies do not take affect (however the links get downloaded okay) and I cannot use the NT resource kit utility "SETX" to modify the environment in the profile. Is there anyone who has mandatory profiles implemented under a samba PDC who can help me out. Kevin From ken at sdd.hp.com Thu Oct 8 15:19:15 1998 From: ken at sdd.hp.com (Ken Stone) Date: Tue Dec 2 02:24:32 2003 Subject: smbwrapper problem In-Reply-To: Your message of Thu, 08 Oct 1998 16:18:59 +1000. <19981008061912Z12617391-7510+15613@samba.anu.edu.au> Message-ID: <199810081519.IAA21131@hpsdlz.sdd.hp.com> > > I'd agree with that ... went from not being able to do anything to > > being able to list only ... hoses up everything if you try and > > read/write a file. > > again, I need to know: > > - what tool are you using to read/write > - what does "hoses up everything" mean _exactly_ > > please, when reporting bugs, think about the poor sod who has to try > to reproduce it! Without some detail it's useless. Yea, yea ... sorry :-) ... Problem is ... as of a build I started last night about 11:30PM PST, it now works like a charm for the first time in a couple of weeks !! Beats me from looking at the CVS log entries ... -- Ken From amol at memcad.com Thu Oct 8 16:35:50 1998 From: amol at memcad.com (Amol Karnik) Date: Tue Dec 2 02:24:32 2003 Subject: stopping syslog loggin Message-ID: <361CE9E6.847C3306@memcad.com> hi all, am referring to the latest CVS source, updated on Oct 8, 98 on a solaris2.5.1 machine. the server is running superb, and acting as the primary domain for 95 and 98 machines. great job folks. this is awesome indeed. while compiling, i used the --with-syslog option and now samba sends everything to /var/adm/messages. the server is running with the default debug level..i havent specified anything. is there a way to make smbd and nmd stop logging to syslog, even though they are compiled with that option, other than reconfiguring and recompiling? i would like to avoid recompiling, since i have to compile on one machine, then install it, tar it up and move it to my server machine, which doesnt have the compilers installed. also, i know that the samba NTDOMAIN version is still in an experimental stage.... and hence the debug level is of great use to you guys. but as a user, wanting to know more about whats going, rather than seeing so many lines of debug info, are there any plans to increase logging level, which gives more verbose and legible info about whats going on? i mean lines like [1998/10/08 11:46:59, 10] lib/genrand.c:(93) do_dirrand: value from file /dev/audio. [1998/10/08 11:46:59, 10] lib/genrand.c:(93) do_dirrand: value from file /dev/audioctl. [1998/10/08 11:46:59, 10] lib/genrand.c:(93) are of use to you developers, but not to us. i hope you understand what i'm trying to convey here. make logged stuff, more user readable, not just developer readable. thanks, amol From schmieta at rutcor.rutgers.edu Thu Oct 8 17:49:35 1998 From: schmieta at rutcor.rutgers.edu (Stefan Schmieta) Date: Tue Dec 2 02:24:32 2003 Subject: rpcclient In-Reply-To: Message-ID: I'm having the same problem as Matthew, i.e. I can't get user info with the NT User Manager. When I try it takes a while and then display "RPC call failed". Here's what happens with rpcclient: rutcor:~/samba/source> bin/rpcclient -S neumann Added interface ip=128.6.70.40 bcast=128.6.70.255 nmask=255.255.255.0 Enter Password: smb: \> lsaquery lsaquery LSA Query Info Policy Domain Member - Domain: RUTCOR-DOMAIN SID: S-1-5-21-95803528-180370111-114328357 Domain Controller - Domain: RUTCOR-DOMAIN SID: S-1-5-21-95803528-180370111-114328357 smb: \> enumusers -g -u enumusers -g -u SAM Enumerate Users From: rutcor To: \\NEUMANN Domain: RUTCOR-DOMAIN SID: S-1-5-21-95803528-180370111-114328357 cli_pipe: return critical error. Error was code 0 smb: \> Neumann is a running the latest alpha of Samba obtained via CVS an hour ago (it's a Sun4 Sparc running NetBSD 1.3.2). It's set up as PDC for our tiny network of NT workstations. Serving passwords and logon scripts works fine. Another thing that doesn't work is browsing Neumann. If I double click on it in the net'hood I get "Access denied". Listing shares via smbclient does work fine though. I'd be happy to provide more detailed info on our configuration or debug logs. Just let me know what you need. Stefan On Fri, 9 Oct 1998, Luke Kenneth Casson Leighton wrote: > evil_unix_box$ rpcclient -S janus -U [% / admin / user / whatever] > Enter Password: xxxxx > smb> lsaquery > DOMAIN: JANUS_DOMAIN_MEMBER SID: S-1-5-21-xxxx-xxx-xxx > DOMAIN: JANUS_DOMAIN_NAME SID: S-1-5-21-xxxx-xxx-xxx > smb> enumusers -g -u > lots of user info > smb> exit > > On Thu, 8 Oct 1998, Matthew Geier wrote: > > > How does this work ?. I cant get any sense out of it.. > > janus:~/ftp/samba/source/bin> ./rpcclient \\\\janus\\ > > service: \\janus\ > > Can't find include file /usr/local/samba/lib/smb.UNKNOWN.conf > > Can't find include file smb.UNKNOWN.conf > > Can't find include file /usr/local/samba/lib/smb..conf > > Can't find include file /usr/local/samba/lib/smb.%G.conf > > Added interface ip=129.78.136.1 bcast=129.78.136.255 nmask=255.255.255.0 > > Enter Password: > > error connecting to 255.255.255.255:139 (No route to host) > > cli_establish_connection: failed to connect to JANUS<00> (0.0.0.0) > > rpcclient_connect: connection failed > > warning: connection could not be established to <20> > > this version of smbclient may crash if you proceed > > janus:~/ftp/samba/source/bin> > > > > I was hoping to see if rpcclient could get a user list from the server > > something that ive not been able to do with usermgr.exe even though > > some people say it works... > > i say it works. if i'm a liar, send me a text printout of a netmon trace > and i'll _fix_ it! > > From lkcl at switchboard.net Thu Oct 8 19:03:12 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:32 2003 Subject: rpcclient In-Reply-To: Message-ID: try rpcclient -S neumann -U administrator -W DOMAIN enter the administrator's password for the target domain. is the target an NT PDC or a Samba PDC? also, try setting debug log level to 100 in smb.conf or specify -d 100 on the command line (if that works!) as mentioned to matthew (and now to you, stefan), "critical error" tells me nothing: a Netmon text-print-out provides full info. luke On Fri, 9 Oct 1998, Stefan Schmieta wrote: > I'm having the same problem as Matthew, i.e. I can't get user info > with the NT User Manager. When I try it takes a while and then > display "RPC call failed". Here's what happens with rpcclient: > > rutcor:~/samba/source> bin/rpcclient -S neumann > Added interface ip=128.6.70.40 bcast=128.6.70.255 nmask=255.255.255.0 > Enter Password: > smb: \> lsaquery > lsaquery > > LSA Query Info Policy > Domain Member - Domain: RUTCOR-DOMAIN SID: S-1-5-21-95803528-180370111-114328357 > Domain Controller - Domain: RUTCOR-DOMAIN SID: S-1-5-21-95803528-180370111-114328357 > smb: \> enumusers -g -u > enumusers -g -u > > SAM Enumerate Users > From: rutcor To: \\NEUMANN Domain: RUTCOR-DOMAIN SID: S-1-5-21-95803528-180370111-114328357 > cli_pipe: return critical error. Error was code 0 > > smb: \> > > Neumann is a running the latest alpha of Samba obtained via CVS an hour > ago (it's a Sun4 Sparc running NetBSD 1.3.2). It's set up as PDC for our > tiny network of NT workstations. Serving passwords and logon scripts works > fine. Another thing that doesn't work is browsing Neumann. If I double > click on it in the net'hood I get "Access denied". Listing shares via > smbclient does work fine though. > > I'd be happy to provide more detailed info on our configuration or debug > logs. Just let me know what you need. > > Stefan > > On Fri, 9 Oct 1998, Luke Kenneth Casson Leighton wrote: > > > evil_unix_box$ rpcclient -S janus -U [% / admin / user / whatever] > > Enter Password: xxxxx > > smb> lsaquery > > DOMAIN: JANUS_DOMAIN_MEMBER SID: S-1-5-21-xxxx-xxx-xxx > > DOMAIN: JANUS_DOMAIN_NAME SID: S-1-5-21-xxxx-xxx-xxx > > smb> enumusers -g -u > > lots of user info > > smb> exit From dave at www.buffalostate.edu Thu Oct 8 18:55:10 1998 From: dave at www.buffalostate.edu (Dave J. Andruczyk) Date: Tue Dec 2 02:24:32 2003 Subject: Mandatory Profiles In-Reply-To: Message-ID: > I run a few computer labs with a total of about 120 computers. I would > like each computer and thus each user to all use one profile for ease of > maintanence. First off, is this the way to do mandatory profiles? I > mean, do I point "logon path" and a non variable location? Also, is it > okay to have this location be read only? > > I tried doing this. I copied an exisiting "Default User" profile to a > read only samba share, renamed the dat's to man's, and set the logon path > to point to this share. However, after doing this, the policies do not > take affect (however the links get downloaded okay) and I cannot use the > NT resource kit utility "SETX" to modify the environment in the profile. > > Is there anyone who has mandatory profiles implemented under a samba PDC > who can help me out. yep. I've done it several times.. the MAIN thing you gotta do, is to install policy editor, and create a "CONFIG.POL" file on your "netlogon" share of your samba PDC. this file must be edited in windoze, unfortunately with policy editor. (you can install it, as its on the win95 cd in \admin\apptools\poledit), it has to be installed via the control panel (add/remove apps->Windows Setup->Have Disk sequence). once you have policy editor opened, you gotta create a NEW FILE, (File->New), then add, a "user" who is the same username as your generic user that you have for your site. (I use "netscape" for all my netscape only machines). after you creat this, edit the security settings as far as you want. TIP: it is VERY WISE to set the paths for Custom Folders, to point to the user's logon drive. i.e. I set: under the "Shell->Custom Folders" for my restricted users: Custom Program Folder = y:\Start Menu Programs Custom Desktop Icons = y:\Desktop Custom Startup Folder = y:\Startup Custom Network Neighborhood = y:\NetHood Custom Start Menu = y:\Start Menu and in their logon script: a net use y: \\pdcserver\profiles "profiles" is a variable path location on the PDC that is something like path = /samba/profiles/%U YOU MUST INITIALLY setup write permission for this dir, so that windoze can creat the profile, on its own, after that, you gotta fiddle with windows a bit, (change some settings, so that it will save the person's profile when they logout), and then the "user.dat" file should appear in their profile share (/samba/profiles/%U/user.dat). When you have all settings the way you want,( including the way a window looks when it starts, i.e (the shape and position of "my computer", is stored in the registry, and the users profile), renme the file on the profile share to "user.man" and it will become a MANDATORY profile, that windowse will use. Then you can set the permissions to be read only so the user can't modify their start menu, or even their desktop icons. If you need more help/pointers. feel free, as I've done this some many times.. IT sure beats windows NT, as they hide it all under the gui, and most of it is a real bitch to find.. (in NT) Dave J. Andruczyk Linux Systems Admin Buffalo State college From tridge at samba.anu.edu.au Thu Oct 8 20:48:29 1998 From: tridge at samba.anu.edu.au (Andrew Tridgell) Date: Tue Dec 2 02:24:32 2003 Subject: smbwrapper problem In-Reply-To: <199810081519.IAA21131@hpsdlz.sdd.hp.com> (message from Ken Stone on Thu, 08 Oct 1998 08:19:15 -0700) References: <199810081519.IAA21131@hpsdlz.sdd.hp.com> Message-ID: <19981008204836Z12670658-20449+15756@samba.anu.edu.au> > Problem is ... as of a build I started last night about 11:30PM PST, it > now works like a charm for the first time in a couple of weeks !! > > Beats me from looking at the CVS log entries ... I'm curious as to what the problem was. Oh well. From matthew at janus.law.usyd.edu.au Thu Oct 8 21:48:23 1998 From: matthew at janus.law.usyd.edu.au (Matthew Geier) Date: Tue Dec 2 02:24:32 2003 Subject: rpcclient In-Reply-To: from "Luke Kenneth Casson Leighton" at Oct 9, 98 04:07:13 am Message-ID: <199810082148.HAA06537@janus.law.usyd.edu.au> rpcclient will return a user list for me. It certainly wont work for usermgr on the NT wiorkstation. I dont have netmon, but hopefully I can get a snoop/tcpdump trace of an attempted transaction a little later today. From lkcl at switchboard.net Thu Oct 8 22:51:29 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:32 2003 Subject: rpcclient In-Reply-To: <199810082148.HAA06537@janus.law.usyd.edu.au> Message-ID: matthew, tcpdump traces are difficult to follow: they don't decode dce/rpc packets. the other guy looking at this sent me a log.smb file which allowed me to deduce that smbd is terminating when it receives an LsaOpenPolicy query. thanks .. On Fri, 9 Oct 1998, Matthew Geier wrote: > > rpcclient will return a user list for me. It certainly wont work for > usermgr on the NT wiorkstation. > I dont have netmon, but hopefully I can get a snoop/tcpdump trace of > an attempted transaction a little later today. > > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From tridge at samba.anu.edu.au Thu Oct 8 22:18:31 1998 From: tridge at samba.anu.edu.au (Andrew Tridgell) Date: Tue Dec 2 02:24:32 2003 Subject: rpcclient In-Reply-To: (message from Luke Kenneth Casson Leighton on Fri, 9 Oct 1998 07:56:55 +1000) References: Message-ID: <19981008221836Z12670658-25139+15593@samba.anu.edu.au> > tcpdump traces are difficult to follow: they don't decode dce/rpc packets. binary tcpdump traces (from the -w option) are very useful. They can be converted to netmon format using capconvert. See the tcpdump-smb directory on the samba ftp site. From william at hae.com Thu Oct 8 22:59:12 1998 From: william at hae.com (William Stuart) Date: Tue Dec 2 02:24:33 2003 Subject: rpcclient In-Reply-To: Message-ID: Has anyone written an addon to tcpdump, or any UNIX based sniffing utility that can decypher DCE/RPC? --- William Stuart (william@hae.com) "Don't rush me sonny. You rush a miracle man you get rotten miracles." --Miracle Max, "The Princess Bride" On Fri, 9 Oct 1998, Luke Kenneth Casson Leighton wrote: > Date: Fri, 9 Oct 1998 07:56:44 +1000 > From: Luke Kenneth Casson Leighton > To: Multiple recipients of list > Subject: Re: rpcclient > > matthew, > > tcpdump traces are difficult to follow: they don't decode dce/rpc packets. > > the other guy looking at this sent me a log.smb file which allowed me to > deduce that smbd is terminating when it receives an LsaOpenPolicy query. > > thanks > . From lkcl at switchboard.net Thu Oct 8 23:58:30 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:33 2003 Subject: rpcclient In-Reply-To: Message-ID: no, but given that the parsing now exists, it would be an easy job. any volunteers? On Thu, 8 Oct 1998, William Stuart wrote: > Has anyone written an addon to tcpdump, or any UNIX based sniffing utility > that can decypher DCE/RPC? > > --- > William Stuart (william@hae.com) > "Don't rush me sonny. You rush a miracle man you get rotten miracles." > --Miracle Max, "The Princess Bride" > > On Fri, 9 Oct 1998, Luke Kenneth Casson Leighton wrote: > > > Date: Fri, 9 Oct 1998 07:56:44 +1000 > > From: Luke Kenneth Casson Leighton > > To: Multiple recipients of list > > Subject: Re: rpcclient > > > > matthew, > > > > tcpdump traces are difficult to follow: they don't decode dce/rpc packets. > > > > the other guy looking at this sent me a log.smb file which allowed me to > > deduce that smbd is terminating when it receives an LsaOpenPolicy query. > > > > thanks > > . > > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From lkcl at switchboard.net Fri Oct 9 00:01:57 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:33 2003 Subject: rpcclient In-Reply-To: <19981008221836Z12670658-25139+15593@samba.anu.edu.au> Message-ID: of course. i forgot: i thought it was the other way round (why, i have no idea) which was why i didn't mention it. *dur* On Fri, 9 Oct 1998, Andrew Tridgell wrote: > > tcpdump traces are difficult to follow: they don't decode dce/rpc packets. > > binary tcpdump traces (from the -w option) are very useful. They can be > converted to netmon format using capconvert. See the tcpdump-smb > directory on the samba ftp site. > > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From matthew at janus.law.usyd.edu.au Fri Oct 9 05:24:18 1998 From: matthew at janus.law.usyd.edu.au (Matthew Geier) Date: Tue Dec 2 02:24:33 2003 Subject: rpcclient In-Reply-To: from "Luke Kenneth Casson Leighton" at Oct 9, 98 07:56:55 am Message-ID: <199810090524.PAA29421@janus.law.usyd.edu.au> > > rpcclient will return a user list for me. It certainly wont work for > > usermgr on the NT wiorkstation. > > I dont have netmon, but hopefully I can get a snoop/tcpdump trace of > > an attempted transaction a little later today. > > Well I captured the transaction from usermgr on my NT workstation to the samba server. They live at http://www.law.usyd.edu.au/~matthew/samba/ (I hope there isnt any passwords in that lot...) There is a level 100 smbd log of usermgr loading and then failing, along with the solaris snoop capture of the same, and the result of ruuning snooptocap over the snoop capture file. The server is running code CVS about 2 weeks old - newer versions so far tried have a problem with win95 printing. (I hope to try that again tomorrow when every one is gone...). rpcclient will respond and list users, it just doesnt work from the Microsoft client for me! I dont have an NT server to try this against. From quong at best.com Fri Oct 9 07:08:39 1998 From: quong at best.com (Russell W. Quong) Date: Tue Dec 2 02:24:33 2003 Subject: Get "Your account has been disabled" when trying to logon to NT Wrkstn Message-ID: <199810090708.AAA13332@quite0.quong.com> (Been using samba 1.9.16/17/18 for almost a year happily). I grabbed the 2.0.0 alpha code as of Oct 2 to get PDC support. Using 2.0.35 linux kernel, slackware 3.5, egcs 1.0.3 compiler. Massaged a header file and the Makefile and got samba to compile Set up samba to be the PDC, for our doamin ITU. The NT Workstation client sees the domain. At the NT workstation login: a) If I give a bad user name (not in smbpasswd) we get a message saying "bad username or password" b) If I try to logon as myself (and I'm in the smbpasswd file) I get the "your account has been disabled" message on the NT box. I get this message whether or not I type my password correctly (!) I am 99.8% sure I set up profiles INCORRECTLY. Is this the cause of my problem? Actually I tried to set up a profile by just editing text files on the linux-samba box. I never: made a default profile on the NT box with the user manager and copied it over the linux-samba box. ================================================================ Here's my config file: [global] log file = ... admin users = quong guest account = nobody hosts allow = 209.24.153. localhost ; You will need a world readable lock directory and "share modes=yes" ; if you want to support the file sharing modes for multiple users ; of the same files lock directory = /usr/local/var/locks share modes = yes socket options = IPTOS_LOWDELAY TCP_NODELAY logon path = \\%N\profile\%U logon script = netlogon-samba include = /usr/local/exp-samba/lib/%U.conf security = user mangled stack = 200 mangle case = no case sensitive = no default case = lower preserve case = yes short preserve case = no auto services = homes mangled map = (*.html *.htm) (*.java *.jav) workgroup = ITU preferred master = yes domain master = yes remote announce = 209.24.153.127/ITU interfaces = .... ;;; Win95/WfW = 02, NT = 32, we beat Win 95 and NT os level = 40 wins support = yes ;;; NT PDC issues ; update encrypted = yes smb passwd file = /usr/local/exp-samba/private/smbpasswd encrypt passwords = yes domain logons = yes passwd chat debug = yes ... [netlogon] path = /usr/local/etc/samba [profile] root preexec = /usr/local/etc/samba/buildprofile %U path = /usr/local/exp-samba/lib/profile [homes] .... other share data ... ================================================================ Here's a sample of the log file (debug at 3; debug=5 was too much). [1998/10/08 01:19:28, 3] smbd/password.c:authorise_login(759) ACCEPTED: guest account and guest ok [1998/10/08 01:19:28, 3] smbd/service.c:make_connection(380) Connect path is /tmp [1998/10/08 01:19:28, 3] lib/util.c:ChDir(1232) chdir to /tmp [1998/10/08 01:19:28, 3] lib/util.c:ChDir(1232) chdir to /local/usr/local/exp-samba/bin [1998/10/08 01:19:28, 3] smbd/service.c:make_connection(482) rain (209.24.153.34) connect to service IPC$ as user nobody (uid=65534, gid=10 0) (pid 1067) [1998/10/08 01:19:28, 3] smbd/reply.c:reply_tcon_and_X(340) tconX service=ipc$ user=nobody [1998/10/08 01:19:28, 3] smbd/process.c:process_smb(565) Transaction 3 of length 95 [1998/10/08 01:19:28, 3] smbd/process.c:switch_message(402) switch message SMBntcreateX (pid 1067) [1998/10/08 01:19:28, 3] lib/util.c:ChDir(1232) chdir to /tmp [1998/10/08 01:19:28, 3] smbd/nttrans.c:nt_open_pipe(388) nt_open_pipe: Known pipe lsarpc opening. [1998/10/08 01:19:28, 3] smbd/process.c:process_smb(565) Transaction 4 of length 152 [1998/10/08 01:19:28, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 1067) [1998/10/08 01:19:28, 3] smbd/ipc.c:reply_trans(3739) trans <\PIPE\> data=72 params=0 setup=2 [1998/10/08 01:19:28, 3] smbd/ipc.c:named_pipe(3604) named pipe command on <> name [1998/10/08 01:19:28, 3] smbd/ipc.c:api_fd_reply(3404) Got API command 0x26 on pipe "lsarpc" (pnum 703b)api_pipe_bind_req: \PIPE\lsar pc -> \PIPE\lsass [1998/10/08 01:19:28, 3] smbd/process.c:process_smb(565) Transaction 5 of length 164 [1998/10/08 01:19:28, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 1067) [1998/10/08 01:19:28, 3] smbd/ipc.c:reply_trans(3739) trans <\PIPE\> data=84 params=0 setup=2 [1998/10/08 01:19:28, 3] smbd/ipc.c:named_pipe(3604) named pipe command on <> name [1998/10/08 01:19:28, 3] smbd/ipc.c:api_fd_reply(3404) Got API command 0x26 on pipe "lsarpc" (pnum 703b)Doing \PIPE\lsarpc [1998/10/08 01:19:28, 3] rpc_server/srv_util.c:api_rpc_command(226) api_rpc_command: LSA_OPENPOLICY [1998/10/08 01:19:28, 3] smbd/process.c:process_smb(565) Transaction 6 of length 132 [1998/10/08 01:19:28, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 1067) [1998/10/08 01:19:28, 3] smbd/ipc.c:reply_trans(3739) trans <\PIPE\> data=52 params=0 setup=2 [1998/10/08 01:19:28, 3] smbd/ipc.c:named_pipe(3604) named pipe command on <> name [1998/10/08 01:19:28, 3] smbd/ipc.c:api_fd_reply(3404) Got API command 0x26 on pipe "lsarpc" (pnum 703b)Doing \PIPE\lsarpc [1998/10/08 01:19:28, 3] rpc_server/srv_util.c:api_rpc_command(226) api_rpc_command: LSA_ENUMTRUSTDOM [1998/10/08 01:19:28, 3] smbd/process.c:process_smb(565) Transaction 7 of length 124 [1998/10/08 01:19:28, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 1067) [1998/10/08 01:19:28, 3] smbd/ipc.c:reply_trans(3739) trans <\PIPE\> data=44 params=0 setup=2 [1998/10/08 01:19:28, 3] smbd/ipc.c:named_pipe(3604) named pipe command on <> name [1998/10/08 01:19:28, 3] smbd/ipc.c:api_fd_reply(3404) Got API command 0x26 on pipe "lsarpc" (pnum 703b)Doing \PIPE\lsarpc [1998/10/08 01:19:28, 3] rpc_server/srv_util.c:api_rpc_command(226) api_rpc_command: LSA_CLOSE [1998/10/08 01:19:28, 3] smbd/process.c:process_smb(565) Transaction 8 of length 46 [1998/10/08 01:19:28, 3] smbd/process.c:switch_message(402) switch message SMBclose (pid 1067) [1998/10/08 01:19:28, 3] smbd/process.c:process_smb(565) Transaction 9 of length 97 [1998/10/08 01:19:28, 3] smbd/process.c:switch_message(402) switch message SMBntcreateX (pid 1067) [1998/10/08 01:19:28, 3] smbd/nttrans.c:nt_open_pipe(388) nt_open_pipe: Known pipe NETLOGON opening. [1998/10/08 01:19:28, 3] smbd/process.c:process_smb(565) Transaction 10 of length 152 [1998/10/08 01:19:28, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 1067) [1998/10/08 01:19:28, 3] smbd/ipc.c:reply_trans(3739) trans <\PIPE\> data=72 params=0 setup=2 [1998/10/08 01:19:28, 3] smbd/ipc.c:named_pipe(3604) named pipe command on <> name [1998/10/08 01:19:28, 3] smbd/ipc.c:api_fd_reply(3404) Got API command 0x26 on pipe "NETLOGON" (pnum 703c)api_pipe_bind_req: \PIPE\NE TLOGON -> \PIPE\lsass [1998/10/08 01:19:28, 3] smbd/process.c:process_smb(565) Transaction 11 of length 166 [1998/10/08 01:19:28, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 1067) [1998/10/08 01:19:28, 3] smbd/ipc.c:reply_trans(3739) trans <\PIPE\> data=86 params=0 setup=2 [1998/10/08 01:19:28, 3] smbd/ipc.c:named_pipe(3604) named pipe command on <> name [1998/10/08 01:19:28, 3] smbd/ipc.c:api_fd_reply(3404) Got API command 0x26 on pipe "NETLOGON" (pnum 703c)Doing \PIPE\NETLOGON [1998/10/08 01:19:28, 3] rpc_server/srv_util.c:api_rpc_command(226) api_rpc_command: NET_REQCHAL [1998/10/08 01:19:28, 0] passdb/smbpass.c:getsmbfilepwent(178) getsmbfilepwent: malformed password entry (uid not number) [1998/10/08 01:19:28, 3] smbd/process.c:process_smb(565) Transaction 12 of length 200 [1998/10/08 01:19:28, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 1067) [1998/10/08 01:19:28, 3] smbd/ipc.c:reply_trans(3739) trans <\PIPE\> data=120 params=0 setup=2 [1998/10/08 01:19:28, 3] smbd/ipc.c:named_pipe(3604) named pipe command on <> name [1998/10/08 01:19:28, 3] smbd/ipc.c:api_fd_reply(3404) Got API command 0x26 on pipe "NETLOGON" (pnum 703c)Doing \PIPE\NETLOGON [1998/10/08 01:19:28, 3] rpc_server/srv_util.c:api_rpc_command(226) api_rpc_command: NET_AUTH2 [1998/10/08 01:19:28, 3] smbd/process.c:process_smb(565) Transaction 13 of length 338 [1998/10/08 01:19:28, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 1067) [1998/10/08 01:19:28, 3] smbd/ipc.c:reply_trans(3739) trans <\PIPE\> data=258 params=0 setup=2 [1998/10/08 01:19:28, 3] smbd/ipc.c:named_pipe(3604) named pipe command on <> name [1998/10/08 01:19:28, 3] smbd/ipc.c:api_fd_reply(3404) Got API command 0x26 on pipe "NETLOGON" (pnum 703c)Doing \PIPE\NETLOGON [1998/10/08 01:19:28, 3] rpc_server/srv_util.c:api_rpc_command(226) api_rpc_command: NET_SAMLOGON [1998/10/08 01:19:28, 3] rpc_server/srv_netlog.c:api_net_sam_logon(621) SAM Logon (Interactive). Domain:[ITU]. User:[quong] [1998/10/08 01:19:38, 3] lib/util.c:ChDir(1232) chdir to /local/usr/local/exp-samba/bin [1998/10/08 01:22:28, 3] smbd/process.c:process_smb(565) Transaction 14 of length 46 [1998/10/08 01:22:28, 3] smbd/process.c:switch_message(402) switch message SMBclose (pid 1067) ================ RQ From jamest at math.ksu.edu Fri Oct 9 13:15:56 1998 From: jamest at math.ksu.edu (James Thompson) Date: Tue Dec 2 02:24:33 2003 Subject: Get "Your account has been disabled" when trying to logon to NT Wrkstn In-Reply-To: <199810090708.AAA13332@quite0.quong.com> Message-ID: On Fri, 9 Oct 1998, Russell W. Quong wrote: > (Been using samba 1.9.16/17/18 for almost a year happily). > > I grabbed the 2.0.0 alpha code as of Oct 2 to get PDC support. > Using 2.0.35 linux kernel, slackware 3.5, egcs 1.0.3 compiler. > > Massaged a header file and the Makefile and got samba to compile > > Set up samba to be the PDC, for our doamin ITU. > The NT Workstation client sees the domain. > > At the NT workstation login: > a) If I give a bad user name (not in smbpasswd) we get > a message saying "bad username or password" > b) If I try to logon as myself (and I'm in the smbpasswd file) > I get the "your account has been disabled" message > on the NT box. I get this message whether or not I type > my password correctly (!) > Did you use smbpasswd to set your samba password? If your /usr/local/exp-samba/private/smbpasswd files contains just X's then your account is disabled. Next, and I have no idea if this is correct. I found that if a use root to set a user password then the account is still disabled even though the password has been set. To fix this I edit the password file by hand, part of each password entry has something that normally looks like [U ] (don't count the spaces my samba server is down so I'm pulling this from memory) except on people whom have had their password changed by root, then it looks like [DU ]. My thinking was D = disable so i removed the D and everything works fine. Can anyone show me where to get info about the [U ] entries, I can't find docs on them and it doesn't seem to match ENCRYPTION.txt ->->->->->->->->->->->->->->->->->->---<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-< James Thompson 138 Cardwell Hall Manhattan, Ks 66506 785-532-0561 Kansas State University Department of Mathematics ->->->->->->->->->->->->->->->->->->---<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-< From jamest at math.ksu.edu Fri Oct 9 13:18:50 1998 From: jamest at math.ksu.edu (James Thompson) Date: Tue Dec 2 02:24:33 2003 Subject: Mail list delays In-Reply-To: Message-ID: Noticed that there a huge delays between when I item is posted and when I receive it. Several hours. Is anyone else seeing this? ->->->->->->->->->->->->->->->->->->---<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-< James Thompson 138 Cardwell Hall Manhattan, Ks 66506 785-532-0561 Kansas State University Department of Mathematics ->->->->->->->->->->->->->->->->->->---<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-< From dkrovich at wvu.edu Fri Oct 9 14:05:42 1998 From: dkrovich at wvu.edu (David Krovich) Date: Tue Dec 2 02:24:33 2003 Subject: Get "Your account has been disabled" when trying to logon to NT Wrkstn In-Reply-To: <199810090708.AAA13332@quite0.quong.com> Message-ID: Search for your username in the the smbpasswd file. Look at the 5th colon delimited field. If you see something like, [DU ], remove the D. (At least, thats what worked for me) From my experience, it seems smbpasswd adds a D to any account I use it to change the password, which seems to have the effect of expering the account. > At the NT workstation login: > a) If I give a bad user name (not in smbpasswd) we get > a message saying "bad username or password" > b) If I try to logon as myself (and I'm in the smbpasswd file) > I get the "your account has been disabled" message > on the NT box. I get this message whether or not I type > my password correctly (!) > From dkrovich at wvu.edu Fri Oct 9 14:29:16 1998 From: dkrovich at wvu.edu (David Krovich) Date: Tue Dec 2 02:24:33 2003 Subject: NIS+ support in Samba In-Reply-To: <199810090708.AAA13332@quite0.quong.com> Message-ID: When I run ./configure, one of the lines I see is: checking whether to use NISPLUS password database... no My question is, what support does Samba provide with NISPLUS? From shad at travelware.net Fri Oct 9 14:59:25 1998 From: shad at travelware.net (Shad O'Neil) Date: Tue Dec 2 02:24:33 2003 Subject: Still using smbpasswd file for security=server Message-ID: <000b01bdf395$6821bc80$9033b3cf@superman.travelware.net> I'm using the precompiled samba-2.0.0pre1 binary for my RedHat 5.1 box and I was trying to set up the security = server option. I got it to join the NT server domain (as a bdc I guess), but for mapping, etc. it doesn't verify the password on the NT server. It kept telling me that my password was incorrect. I replaced my smbpasswd file and then it worked fine. What am I doing wrong to get it to still use the samba password file? Does the binary not have that option compiled into it? I have options: security = server workgroup = TWE password server = joker Also, I have a wins server defined and I notice I still get a lot of broadcasts still asking for my linux servers address. Does it take a while to take effect? How can I tell if it's working or not? Shad O'Neil From shui at pointsnorth.com Fri Oct 9 15:30:05 1998 From: shui at pointsnorth.com (shui@pointsnorth.com) Date: Tue Dec 2 02:24:33 2003 Subject: Failed to perform NT domain logon using Samba2.0alpha8 Message-ID: <87256698.005512F5.00@yxepna01.pointsnorth.com> Hi Folks, I downloaded Samba2.0alpha8 from Samba site. Compiled it and installed it on the Solaris 2.6 unix box. I set up domain logon for both Windows 98 clients and WinNT. There is no problem logging on from Windows98 and the shares are all working alright. Then, I followed Samba NTDOM FAQ and add the NT workstation name into /etc/passwd and smbpasswd (using smbpasswd -a -m ). On the NT workstation, I changed it from WORKGRP to DOMAIN and I got the message "Welcome to ". The next thing I did is reboot my NT. I saw a login dialog box. I chose . I entered a user name which only exists on the Samba server but then an error message is returned: "Cannot access ...". Could someone point to me what did I do wrong? I looked at the log.nmb and I found that it returned a "PANIC" error message. The Samba server then failed to respond to any requests, even from Windows 98, after then. The only thing I can do is to stop and restart the daemon again. When will there be an official release for 2.0 which supports NT domain logon? There are so many alpha versions out there that I got lost as to which one is working and which is not. Attached please find a copy of the error log and my smb.conf. Please excuse me for such a long message. Thank you for your kind attention. Sandie **** Log from log.smb **** [1998/10/08 11:05:26, 0] smbd/reply.c:session_trust_account(403) session_trust_account: Trust account DC8G3PTN$ user doesn't exist [1998/10/08 11:09:20, 0] smbd/reply.c:reply_sesssetup_and_X(655) NT Password did not match ! Defaulting to Lanman [1998/10/08 11:10:59, 0] smbd/reply.c:reply_sesssetup_and_X(655) NT Password did not match ! Defaulting to Lanman doing parameter encrypt passwords = yes doing parameter unix password sync = yes doing parameter passwd program = /bin/nispasswd %u doing parameter passwd chat = *New\spassword* %n\n *enter\snew\spassword* %n\n *password*changed* . [1998/10/08 11:28:55, 2] param/loadparm.c:do_section(2150) Processing section "[netlogon]" doing parameter path = /usr/local/samba2.0alpha8/samba/netlogon doing parameter writeable = no doing parameter guest ok = no doing parameter root preexec = /usr/local/samba2.0alpha8/samba/bin/makelogonsc ript %U %h [1998/10/08 11:28:55, 2] param/loadparm.c:do_section(2150) Processing section "[homes]" doing parameter comment = Home Directories doing parameter browseable = no doing parameter writeable = no doing parameter write list = %S [1998/10/08 11:28:55, 2] param/loadparm.c:do_section(2150) Processing section "[mattheys]" doing parameter path = /export/home/mattheys doing parameter browseable = no doing parameter public = no doing parameter write list = @admin doing parameter read list = @admin doing parameter create mask = 660 doing parameter directory mask = 770 **** Error from nmb.log **** [1998/10/08 08:30:02, 1] nmbd/nmbd.c:main(664) Netbios nameserver version 2.0.0-prealpha started. Copyright Andrew Tridgell 1994-1998 [1998/10/08 08:30:02, 0] nmbd/nmbd.c:main(695) standard input is not a socket, assuming -D option [1998/10/08 08:30:02, 0] nmbd/asyncdns.c:start_async_dns(150) started asyncdns process 19041 [1998/10/08 08:30:02, 0] nmbd/nmbd_logonnames.c:add_logon_names(159) add_domain_logon_names: Attempting to become logon server for workgroup YYCTPA on subnet 204.50.11.4 [1998/10/08 08:30:02, 0] nmbd/nmbd_logonnames.c:add_logon_names(159) add_domain_logon_names: Attempting to become logon server for workgroup YYCTPA on subnet UNICAST_SUBNE T [1998/10/08 08:30:02, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_win s(332) become_domain_master_browser_wins: Attempting to become domain master browser on workgroup YYCTPA, subnet UNICAST _SUBNET. [1998/10/08 08:30:02, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_win s(347) become_domain_master_browser_wins: querying WINS server at IP 204.50.11.4 for domain master browser name YYCTPA<1b> on workgroup YYCTPA _SUBNET. [1998/10/08 08:30:02, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_win s(347) become_domain_master_browser_wins: querying WINS server at IP 204.50.11.4 for domain master browser name YYCTPA<1b> on workgroup YYCTPA [1998/10/08 08:30:02, 0] nmbd/nmbd_logonnames.c:become_logon_server_success(118) become_logon_server_success: Samba is now a logon server for workgroup YYCTPA on subnet UNICAST_SUBNET [1998/10/08 08:30:02, 0] nmbd/nmbd_become_dmb.c:become_domain_master_stage2(118) ***** Samba server YYCTPA04 is now a domain master browser for workgroup YYCTPA on s ubnet UNICAST_SUBNET ***** [1998/10/08 08:30:02, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_bca st(284) become_domain_master_browser_bcast: Attempting to become domain master browser on workgroup YYCTPA on subnet 204.5 0.11.4 [1998/10/08 08:30:02, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_bca st(298) Attempting to become domain master browser on workgroup YYCTPA on subnet 204.5 0.11.4 [1998/10/08 08:30:02, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_bca st(298) become_domain_master_browser_bcast: querying subnet 204.50.11.4 for domain mas ter browser on workgroup YYCTPA [1998/10/08 08:30:06, 0] nmbd/nmbd_logonnames.c:become_logon_server_success(118) become_logon_server_success: Samba is now a logon server for workgroup YYCTPA on subnet 204.50.11.4 [1998/10/08 08:30:10, 0] nmbd/nmbd_become_dmb.c:become_domain_master_stage2(118) ***** Samba server YYCTPA04 is now a domain master browser for workgroup YYCTPA on s ubnet 204.50.11.4 ***** [1998/10/08 08:31:42, 1] nmbd/nmbd_processlogon.c:process_logon_packet(69) process_logon_packet: Logon from 204.50.11.40: code = 0 [1998/10/08 08:31:46, 1] nmbd/nmbd_processlogon.c:process_logon_packet(69) process_logon_packet: Logon from 204.50.11.40: code = 7 [1998/10/08 11:13:14, 1] nmbd/nmbd_processlogon.c:process_logon_packet(69) process_logon_packet: Logon from 204.50.11.46: code = 12 [1998/10/08 11:13:14, 0] lib/fault.c:fault_report(40) =============================================================== [1998/10/08 11:13:14, 0] lib/fault.c:fault_report(41) INTERNAL ERROR: Signal 11 in pid 19040 (2.0.0-prealpha) Please read the file BUGS.txt in the distribution [1998/10/08 11:13:14, 0] lib/fault.c:fault_report(43) =============================================================== [1998/10/08 11:13:14, 0] lib/util.c:smb_panic(4075) PANIC: internal error **** SMB.CONF **** workgroup = yyctpa server string = Calgary, 'B' Agency Server security = user password level = 2 domain controller=yes domain logons = yes preferred master=yes domain master=yes wins support=yes logon script = %U.bat debug level = 5 encrypt passwords = yes unix password sync = yes passwd program = /bin/nispasswd %u passwd chat = *New\spassword* %n\n *enter\snew\spassword* %n\n *password*changed* . [netlogon] path = /usr/local/samba2.0alpha8/samba/netlogon writeable = no guest ok = no root preexec = /usr/local/samba2.0alpha8/samba/bin/makelogonscript %U %h [homes] comment = Home Directories browseable = no writeable = no write list = %S *** smbpasswd *** # # SMB password file. # root:0:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:Su per-User:/:/sbin/sh daemon:1:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX: :/: bin:2:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX::/u sr/bin: sys:3:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX::/: adm:4:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:Adm in:/var/adm: lp:71:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:Lin e Printer Admin:/usr/spool/lp: smtp:0:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:Ma il Daemon User:/: uucp:5:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:uu cp Admin:/usr/lib/uucp: nuucp:9:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:u ucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico listen:37:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX :Network Admin:/usr/net/nls: nobody:60001:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXX:Nobody:/: noaccess:60002:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXX:No Access User:/: nobody4:65534:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXX:SunOS 4.x Nobody:/: testuser:1001:212B68510DE6042A1486235A2333E4D2:CC27E3D37757BB316314A081B4DC D5CC: :/export/home/testuser:/bin/sh dc8g3ptn$:10013:BF956698645D3B2BE72C57EF50F76A05:5B8BB81B662A46756D0BA3B702 33B89 6:[W ]:LCT-361CF1B1: From jjorgens at bdsinc.com Fri Oct 9 16:01:18 1998 From: jjorgens at bdsinc.com (Jens B. Jorgensen) Date: Tue Dec 2 02:24:33 2003 Subject: what about Active Directory Services? Message-ID: <361E334E.BCBB5E57@bdsinc.com> With all this effort to support NT Domains, what about when things switch to the new Active Directory Services in NT5? -- Jens B. Jorgensen jjorgens@bdsinc.com From Ryan at US.Distribution.com Fri Oct 9 16:24:43 1998 From: Ryan at US.Distribution.com (Ryan Koski) Date: Tue Dec 2 02:24:33 2003 Subject: Different machine configs Message-ID: <773702019F1DD21196ED00A0C9D6526F2DC133@EXCHANGE.distribution.com> Hello... Forgive me for asking a stupid question. I have several different machines (architectures and OS's) on which I build and run Samba. Is it possible to dump all the code from CVS in one common NFS export and build samba for the different architectures from that one directory? Possibly with options to configure and/or make? Thanks... Ryan Koski Management Information Systems Distribution Architects International From cartegw at Eng.Auburn.EDU Fri Oct 9 17:19:47 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:33 2003 Subject: Get "Your account has been disabled" when trying to logon to NT Wrkstn References: Message-ID: <361E45B3.92F44EE5@eng.auburn.edu> James Thompson wrote: > > Can anyone show me where to get info about the [U ] > entries, I can't find docs on them and it doesn't seem > to match ENCRYPTION.txt This is something Jeremy is working on and has not been documented anywhere. Hang in there. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From smurf at smurfsoft.dauenhauer.de Fri Oct 9 17:43:50 1998 From: smurf at smurfsoft.dauenhauer.de (Christian Kumpf) Date: Tue Dec 2 02:24:33 2003 Subject: Mail list delays In-Reply-To: from "James Thompson" at Oct 9, 98 11:25:36 pm Message-ID: <199810091743.TAA02042@smurfsoft.dauenhauer.de> A non-text attachment was scrubbed... Name: not available Type: text Size: 180 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/19981009/1d8b5111/attachment.bat From cartegw at Eng.Auburn.EDU Fri Oct 9 20:56:51 1998 From: cartegw at Eng.Auburn.EDU (Gerald W. Carter) Date: Tue Dec 2 02:24:33 2003 Subject: what about Active Directory Services? In-Reply-To: <361E334E.BCBB5E57@bdsinc.com> Message-ID: On Sat, 10 Oct 1998, Jens B. Jorgensen wrote: > With all this effort to support NT Domains, what about when things > switch to the new Active Directory Services in NT5? > NT 5 machines will still be able to login into NT4 Domains. There is also work to add an LDAP backend for user management to Samba. BTW...To get the full NT5 environment, my understand is that you'll have be **all** NT5 client and servers. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From lkcl at switchboard.net Fri Oct 9 21:58:58 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:33 2003 Subject: what about Active Directory Services? In-Reply-To: <361E334E.BCBB5E57@bdsinc.com> Message-ID: it'll happen. hopefully some of the people that go "argh! i really need nt 5 support in samba" will be programmers with time on their hands. On Sat, 10 Oct 1998, Jens B. Jorgensen wrote: > With all this effort to support NT Domains, what about when things > switch to the new Active Directory Services in NT5? > > -- > Jens B. Jorgensen > jjorgens@bdsinc.com > > > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From amol at memcad.com Fri Oct 9 21:00:03 1998 From: amol at memcad.com (Amol Karnik) Date: Tue Dec 2 02:24:33 2003 Subject: password server problems? Message-ID: <361E7953.AD74CAEC@memcad.com> hi all, has anyone found the cause of these error messages in the samba log files? i remember two other ppl asking about this this week. [1998/10/09 16:58:33, 1] smbd/password.c:(956) Password server loop - disabling password server BLUE [1998/10/09 16:58:33, 0] smbd/password.c:(968) password server not available [1998/10/09 16:58:35, 1] smbd/password.c:(1016) password server is not connected - amol From jjorgens at bdsinc.com Fri Oct 9 21:13:12 1998 From: jjorgens at bdsinc.com (Jens B. Jorgensen) Date: Tue Dec 2 02:24:33 2003 Subject: what about Active Directory Services? References: Message-ID: <361E7C68.959CAB71@bdsinc.com> Right, that's so AFAIK. I just got excited after reading the ADS whitepaper for a number of reasons. First, domains will be internet-style (bdsinc.com) and people will login to the domain with a friendly name which would be 'name@domain'. Next, the paper suggests, the way I read it, that we'll be able to modify the directories and add custom data fields. Perhaps then we could add the unix password (and the rest, home dir, etc) to the records and thus finally be able to unify network logons. I find this even more exciting that mapping NT UIDs and GIDs to unix, yada yada. Since supposedly Kerberos security will be used interoperability with unix should be easy (granted: nothing like this is ever as easy as it looks). This would be great because I don't like NIS (or NIS+) anyway. I think LDAP is a much better solution. Is it possible we can have a one, true login? Gerald W. Carter wrote: > On Sat, 10 Oct 1998, Jens B. Jorgensen wrote: > > > With all this effort to support NT Domains, what about when things > > switch to the new Active Directory Services in NT5? > > > > NT 5 machines will still be able to login into NT4 Domains. There is also > work to add an LDAP backend for user management to Samba. BTW...To get > the full NT5 environment, my understand is that you'll have be **all** NT5 > client and servers. > > j- > ________________________________________________________________________ > Gerald ( Jerry ) Carter > Engineering Network Services Auburn University > jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw > > "...a hundred billion castaways looking for a home." > - Sting "Message in a Bottle" ( 1979 ) -- Jens B. Jorgensen jjorgens@bdsinc.com From paulle at microsoft.com Sat Oct 10 00:20:53 1998 From: paulle at microsoft.com (Paul Leach) Date: Tue Dec 2 02:24:33 2003 Subject: what about Active Directory Services? Message-ID: > -----Original Message----- > From: Gerald W. Carter [mailto:cartegw@Eng.Auburn.EDU] > Sent: Friday, October 09, 1998 1:59 PM > To: Multiple recipients of list > Subject: Re: what about Active Directory Services? > > > On Sat, 10 Oct 1998, Jens B. Jorgensen wrote: > > > With all this effort to support NT Domains, what about when things > > switch to the new Active Directory Services in NT5? > > > > NT 5 machines will still be able to login into NT4 Domains. > There is also > work to add an LDAP backend for user management to Samba. > BTW...To get > the full NT5 environment, my understand is that you'll have > be **all** NT5 > client and servers. Not true. If all DCs in a domain are NT5, then any NT5 clients and servers get full NT5 functionality. NT4 and Win9x don't. (Acutally, they can get full NT5 functionality too -- by upgrading :-). Paul From james at cows.ml.org Sat Oct 10 02:59:48 1998 From: james at cows.ml.org (James Willard) Date: Tue Dec 2 02:24:33 2003 Subject: Win95 user level share permissions Message-ID: <199810100259.WAA19298@cows.ml.org> I have Samba 2.0.0prealpha (latest CVS) running as my PDC in my little test network here. I have a Win95 client which I have been able to use to log into the domain controller and valid the password. However, when attempting to share a drive in Win95, if I have it set to user level access control and obtaining userlists from my PDC, I am not able to add users to that share's permissions. Clicking on "Add..." waits for a few moments and then says "You cannot view the list of users at this time. Please try again later." Is this a known problem between Win95 and Samba? I have security = USER on the PDC (I couldn't find any documentation on security = DOMAIN, and Win95 wouldn't login with it enable anyway). I know that User Manager and Server Manager cannot connect to a Samba server currently, is this somehow related? Thanks, James D. Willard james@cows.ml.org -- From jerry at Eng.Auburn.EDU Sat Oct 10 02:37:07 1998 From: jerry at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:33 2003 Subject: what about Active Directory Services? In-Reply-To: Message-ID: <3.0.5.32.19981009213707.00910e80@pophost.eng.auburn.edu> At 05:20 PM 10/9/98 -0700, Paul Leach wrote: > >Not true. If all DCs in a domain are NT5, then any NT5 clients >and servers get full NT5 functionality. NT4 and Win9x don't. >(Acutally, they can get full NT5 functionality too -- by >upgrading :-). Yes. That is what I meant to say. Riddle me this then.... Using all NT 5 servers running Active directory, will they provide backwards compatibilty with NT domains? In other words, does a NT4 domain have to run separately (and sych'd) with Active directory? Or does an AD server "downgrade" when it receives an NT4 style domain login? Just curious, Batman (not really) ;) ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From paulle at microsoft.com Sat Oct 10 06:16:53 1998 From: paulle at microsoft.com (Paul Leach) Date: Tue Dec 2 02:24:33 2003 Subject: what about Active Directory Services? Message-ID: > -----Original Message----- > From: Gerald Carter [mailto:jerry@Eng.Auburn.EDU] > Sent: Friday, October 09, 1998 7:37 PM > > Using all NT 5 servers running Active directory, will they > provide backwards compatibilty with NT domains? Yes. In other > words, does a NT4 domain have to run separately (and sych'd) > with Active directory? No. > Or does an AD server "downgrade" > when it receives an NT4 style domain login? NT5 DCs support NT4 clients transparently. You don't have to have a separate set of NT4 DCs for the NT4 clients. Paul From dugan at libwais.sonoma.edu Sat Oct 10 06:20:00 1998 From: dugan at libwais.sonoma.edu (Mike) Date: Tue Dec 2 02:24:33 2003 Subject: what about Active Directory Services? In-Reply-To: <361E7C68.959CAB71@bdsinc.com> Message-ID: On Sat, 10 Oct 1998, Jens B. Jorgensen wrote: [chop] > Right, that's so AFAIK. I just got excited after reading the ADS whitepaper > for a number of reasons. First, domains will be internet-style (bdsinc.com) > and people will login to the domain with a friendly name which would be > 'name@domain'. This is one of the reasons why MS suggested people replace NT_DOMAIN with NT-DOMAIN since this would be better for DNS compliance with ns lookups. (The "-" is one of the few non-alpha-numeric symbols allowed in DNS names that comply with RFCs (like rfc1034, 1035,) centered around DNS. The next issue will of course be places exceeding the maximun record length when naming thier new nt-domain/ADS system. There are still books on NT that suggest using the "_" instead of the "-" in naming domains. > Next, the paper suggests, the way I read it, that we'll be able > to modify the directories and add custom data fields. Perhaps then we could > add the unix password (and the rest, home dir, etc) to the records and thus > finally be able to unify network logons. I find this even more exciting that > mapping NT UIDs and GIDs to unix, yada yada. Since supposedly Kerberos > security will be used interoperability with unix should be easy (granted: > nothing like this is ever as easy as it looks). This would be great because I > don't like NIS (or NIS+) anyway. I think LDAP is a much better solution. Is it > possible we can have a one, true login? As a guess... just a guess.... they will probably charge you for each active session that accesses a portion on the tree made available throught the NT branch with username/host embeding. How will they charge you? Client license restrictions per seat/per server etc..) There *must* be a cost involved in it. If you are saying that this will allow custom data files that contain usernames and passwords for a share on another system to allow for a sort of auto-mount-daemon that is deman mounted as needed, then I would wonder if MS thought about security of this before creating it, or as an after market add-on, or has not even thought of it. Even then, the problems with dealing with permissions may still exist... However, I am uninformed on the new ADS on NT 5.0, and I am probably just making an assumption based on previous historical reference. Do you have a URL to offer on MS implementation on NT 5.0 of this, a white-paper? (I will perform my own searches in the mean time...) Thanks. -M -------------------------------------------------------------------------- Systems Department Operating Systems Analyst for the Ruben Salazar Library of California State University at Sonoma. /UNIX(/BSD/SysV)\N_NW[.]VMS\WNTS\WNTW\W95\W311\WFWG\DOS:MacOS/NeXTSTEP -------------------------------------------------------------------------- > Gerald W. Carter wrote: > > On Sat, 10 Oct 1998, Jens B. Jorgensen wrote: > > > With all this effort to support NT Domains, what about when things > > > switch to the new Active Directory Services in NT5? > > NT 5 machines will still be able to login into NT4 Domains. There is also > > work to add an LDAP backend for user management to Samba. BTW...To get > > the full NT5 environment, my understand is that you'll have be **all** NT5 > > client and servers. [chop] From laurent.menu at temic.fr Mon Oct 12 12:49:00 1998 From: laurent.menu at temic.fr (laurent.menu@temic.fr) Date: Tue Dec 2 02:24:33 2003 Subject: NetLogon-related problem #1 Message-ID: <"d09pW.M000000000*"@MHS> Hi, I hope I sent this message to the correct mailing list, I didn't not understand what is the mailing list for the mainstream samba developpment Please tell me (flame me ? :-} ) if I'm wrong. I haven't found anything about the problem I have in the mailing list archives. Actually I've got 2 problems, I'm sending another mail to explain the other problem ========================================= Problem #1 with samba-2.0.0-alpha9.tar.gz ========================================= I downloaded the samba-2.0.0-alpha9.tar.gz file last wednesday and compiled it on a hpux box (HP-UX brazil B.10.20 A 9000/827) with gcc It compiled fine, except for the huge binaries produced (ie: ~10Mbyte for smbd) so I put CFLAGS= -O2 instead of CFLAGS=-g -O2 in the Makefile generated by configure. All binary sizes are now <1Mbyte. Good. I suppose the -g flag is for debugging purpose ? I set up the smb.conf for a few services and for samba to be PDC-like. See smb.conf file below. Password validation an netlogon work correctly *but* no access to data on any service. Example: - "dir > tag" reports a "The session was cancelled." error on the NT side - from a NT4 command shell I run "type zob4" (zob4 is an existing file created on the unix side) and I get the same "The session was cancelled." message (see log below) I tried that with sevral users and several services (including services with no %u, %L stuff) : it doesn't work, same problem DIR, MKDIR and CD commands work OK Profile stuff doesn't work, I assume this is in relation with the no file access problem LOG FILE (log.pcntex18) ======================= [1998/10/08 17:34:07, 3] smbd/process.c:process_smb(565) Transaction 1 of length 174 [1998/10/08 17:34:07, 3] smbd/process.c:switch_message(402) switch message SMBnegprot (pid 10326) [1998/10/08 17:34:07, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [PC NETWORK PROGRAM 1.0] [1998/10/08 17:34:07, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [XENIX CORE] [1998/10/08 17:34:07, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [MICROSOFT NETWORKS 1.03] [1998/10/08 17:34:07, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [LANMAN1.0] [1998/10/08 17:34:07, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [Windows for Workgroups 3.1a] [1998/10/08 17:34:07, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [LM1.2X002] [1998/10/08 17:34:07, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [LANMAN2.1] [1998/10/08 17:34:07, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [NT LM 0.12] [1998/10/08 17:34:07, 3] smbd/negprot.c:reply_negprot(409) Selected protocol NT LM 0.12 [1998/10/08 17:34:07, 3] smbd/process.c:process_smb(565) Transaction 2 of length 192 [1998/10/08 17:34:07, 3] smbd/process.c:switch_message(402) switch message SMBsesssetupX (pid 10326) [1998/10/08 17:34:07, 3] smbd/reply.c:reply_sesssetup_and_X(567) Domain=[AMAZONE] NativeOS=[Windows NT 1381] NativeLanMan=[] [1998/10/08 17:34:07, 3] smbd/reply.c:reply_sesssetup_and_X(571) sesssetupX:name=[lmenu] [1998/10/08 17:34:07, 3] smbd/password.c:setup_groups(189) lmenu is in 1 groups: 960 [1998/10/08 17:34:07, 3] smbd/password.c:register_vuid(266) uid 9666 registered to name lmenu [1998/10/08 17:34:07, 3] smbd/password.c:register_vuid(268) Clearing default real name [1998/10/08 17:34:07, 3] smbd/process.c:chain_reply(715) Chained message [1998/10/08 17:34:07, 3] smbd/process.c:switch_message(402) switch message SMBtconX (pid 10326) [1998/10/08 17:34:07, 2] lib/access.c:check_access(232) Allowed connection from pcntex18.temic.fr (172.29.232.172) [1998/10/08 17:34:07, 3] smbd/password.c:authorise_login(702) ACCEPTED: validated uid ok as non-guest [1998/10/08 17:34:08, 3] smbd/service.c:make_connection(380) Connect path is /home/dos/brazil/users/lmenu [1998/10/08 17:34:08, 3] smbd/password.c:setup_groups(189) lmenu is in 1 groups: 960 [1998/10/08 17:34:08, 3] lib/util.c:ChDir(1232) chdir to /home/dos/brazil/users/lmenu [1998/10/08 17:34:08, 3] lib/util.c:ChDir(1232) chdir to /soft/alpha9/var [1998/10/08 17:34:08, 1] smbd/service.c:make_connection(482) pcntex18 (172.29.232.172) connect to service homedir as user lmenu (uid=9666, gid=960) (pid 10326) [1998/10/08 17:34:08, 3] smbd/reply.c:reply_tcon_and_X(340) tconX service=homedir user=lmenu [1998/10/08 17:34:08, 3] smbd/process.c:process_smb(565) Transaction 3 of length 90 [1998/10/08 17:34:08, 3] smbd/process.c:switch_message(402) switch message SMBtrans2 (pid 10326) [1998/10/08 17:34:08, 3] lib/util.c:ChDir(1232) chdir to /home/dos/brazil/users/lmenu ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ this is my HOMEDIR, owner lmenu:ex960, R/W-able [1998/10/08 17:34:08, 3] lib/util.c:unix_clean_name(1191) unix_clean_name [/DPATH/zob4] ^^^^^^^^^^^^^ doesn't correspond to HOMEDIR service, no DPATH directory [1998/10/08 17:34:08, 3] lib/util.c:unix_clean_name(1191) unix_clean_name [DPATH/zob4] [1998/10/08 17:34:08, 3] smbd/trans2.c:call_trans2qfilepathinfo(1253) fileinfo of DPATH/zob4 failed (No such file or directory) [1998/10/08 17:34:08, 3] smbd/error.c:error_packet(138) error packet at line 1259 cmd=50 (SMBtrans2) eclass=1 ecode=3 [1998/10/08 17:34:08, 3] smbd/error.c:error_packet(143) error string = No such file or directory [1998/10/08 17:34:18, 3] lib/util.c:ChDir(1232) chdir to /soft/alpha9/var smb.conf file ============= [global] netbios name = BRAZIL workgroup = AMAZONE server string = BRAZIL, no_nt local master = yes domain master = yes security = USER preferred master = yes os level = 34 domain logons = yes logon script = lmlogon.bat domain admin group = lmenu logon drive = y: logon home = "\\BRAZIL\HOMEDIR" logon path = "\\BRAZIL\PROFILE\profile" encrypt passwords = yes ; les log ... log file = /soft/samba/var/log.%m debug level = 3 max log size = 50 lock directory = /soft/samba/var/locks locking = yes ; Ou sont les passwords ? ; password server = MOTHER password level = 4 guest account = lmguest ; revalidate = false hosts allow = 172.29.0.0 / 255.255.0.0 socket options = TCP_NODELAY ; Performance read size = 65535 read raw = yes read prediction = True write raw = yes shared mem size = 3000000 max xmit = 65535 fake oplocks=no oplocks = yes ;====================================================== ;====================================================== [printers] ; Pour les printers printcap name = /etc/myprintcap browseable = no printing = hpux comment = "All printers" ; path = /var/spool/lp/request path = /var/spool/lp/request/%S public = true printable = yes writable = no ;print command = lp -c -oraw -onb -d%p %s;rm %s print command = lp -oraw -onb -d%p %s;rm %s ;====================================================== ;====================================================== [netlogon] ;fakeserver = brazil comment = Logon sur BRAZIL path = /home/dos/brazil/netlogon public = yes browseable = yes writeable = no admin users = lmenu write list = lmenu force group = MONK force user = MONK create mask = 644 directory mask = 755 ;====================================================== ;====================================================== [kosamba] ;fakeserver = brazil comment = King of Samba ! path = /home/dos/ public = no browseable = yes writeable = yes valid users = lmenu jlahelle admin users = lmenu jlahelle force group = sys ;====================================================== ;====================================================== [rio] ;fakeserver = brazil comment= BRAZIL fakeservers infos path = /home/dos/rio public = no browseable = yes writeable = no public=yes hide dot files=yes ;====================================================== ;====================================================== [profile] ;fakeserver = brazil comment = %U profile partition path = /home/dos/brazil/profile/%U ; public = no browseable = yes writable = yes create mask = 0777 directory mask = 0777 ;====================================================== ;====================================================== [homedir] ;fakeserver = brazil comment = %U Homedir as %L member path = /home/dos/%L/users/%U public = no browseable = yes writable = yes create mask = 0700 directory mask = 0700 ;====================================================== ;====================================================== [tout] ;fakeserver = brazil comment = partition tout public path = /home/dos/brazil/tout public = yes writeable = yes ;====================================================== ;====================================================== [common] ;fakeserver = brazil comment = %L Common Zone path = /home/dos/%L/common public = no valid users = jlahelle lmenu write list = jlahelle lmenu create mask = 770 directory mask = 770 From laurent.menu at temic.fr Mon Oct 12 12:56:00 1998 From: laurent.menu at temic.fr (laurent.menu@temic.fr) Date: Tue Dec 2 02:24:33 2003 Subject: NetLogons related problem #2 Message-ID: Hi again, I hope you're not already fed up with my mails ;-) As you've (maybe) seen in my last mail, I could not use shared drive with the alpha9 version but netlogon was OK. So I ran the bleeding-edge-cvs-download-stuff to get the up2date sources twice : last thursday and today (monday) and each time recompiled the whole stuff (same platform). In each case, data access & password validation were OK : I can log on the NT box with a local account and open shared drive with password validation. I also checked that another 9000 (named castor) can be set up with "security=server" and "password server= brazil" (while brazil is running samba-pdc). Very good ! :-) *but* I could not netlogon to the samba-pdc domain (AMAZONE) from my NT4 workstation :-( I did not check with 95. Please tell me if you need more information or if you'd like me to test something else. Thank you for your help ! Laurent Log file attached (debug level = 100) ======================================== smb.conf file following : ========================= [global] netbios name = BRAZIL workgroup = AMAZONE server string = BRAZIL, no_nt log level = 100 passwd chat debug = yes security = user local master = yes domain master = yes preferred master = yes os level = 34 domain logons = yes logon script = lmlogon.bat logon drive = y: logon home = "\\BRAZIL\HOMEDIR" logon path = "\\BRAZIL\PROFILE\%U" domain admin group = lmenu, jlahelle encrypt passwords = yes log file = /soft/samba/var/log.%m debug level = 100 max log size = 50 lock directory = /soft/samba/var/locks locking = yes password level = 4 guest account = lmguest hosts allow = 172.29.0.0 / 255.255.0.0 socket options = TCP_NODELAY read size = 65535 read raw = yes read prediction = True write raw = yes shared mem size = 3000000 max xmit = 65535 fake oplocks=no oplocks = yes [printers] printcap name = /etc/myprintcap browseable = no printing = hpux comment = "All printers" ; path = /var/spool/lp/request path = /var/spool/lp/request/%S public = true printable = yes writable = no ;print command = lp -c -oraw -onb -d%p %s;rm %s print command = lp -oraw -onb -d%p %s;rm %s [netlogon] comment = Logon sur BRAZIL path = /home/dos/brazil/netlogon public = yes browseable = yes writeable = no admin users = lmenu write list = lmenu force group = MONK force user = MONK create mask = 644 directory mask = 755 [kosamba] comment = King of Samba ! path = /home/dos/ public = no browseable = yes writeable = yes valid users = lmenu jlahelle admin users = lmenu jlahelle force group = sys [rio] comment= BRAZIL fakeservers infos path = /home/dos/rio public = no browseable = yes writeable = no public=yes hide dot files=yes [profile] comment = %U profile partition path = /home/dos/brazil/profile public = yes browseable = yes writable = yes create mask = 0777 directory mask = 0777 [homedir] comment = %U Homedir as %L member path = /home/dos/%L/users/%U public = no browseable = yes writable = yes create mask = 0700 directory mask = 0700 [tout] comment = partition tout public path = /home/dos/brazil/tout public = yes writeable = yes [common] comment = %L Common Zone path = /home/dos/%L/common public = no valid users = jlahelle lmenu write list = jlahelle lmenu create mask = 770 directory mask = 770 become_user uid=(0,201) gid=(0,200) [1998/10/12 14:15:06, 3] lib/util.c:ChDir(1232) chdir to /tmp [1998/10/12 14:15:06, 3] smbd/ipc.c:reply_trans(3564) trans <\PIPE\> data=290 params=0 setup=2 [1998/10/12 14:15:06, 5] smbd/ipc.c:reply_trans(3567) calling named_pipe [1998/10/12 14:15:06, 3] smbd/ipc.c:named_pipe(3430) named pipe command on <> name [1998/10/12 14:15:06, 5] smbd/ipc.c:api_fd_reply(3192) api_fd_reply [1998/10/12 14:15:06, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(373) search for pipe pnum=7036 [1998/10/12 14:15:06, 5] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(378) pipe name NETLOGON pnum=7036 (pipes_open=1) [1998/10/12 14:15:06, 3] smbd/ipc.c:api_fd_reply(3220) Got API command 0x26 on pipe "NETLOGON" (pnum 7036)api_fd_reply: p:40025e70 fi le_offset: 1024 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_debug(36) 000000 smb_io_rpc_hdr [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint8(111) 40026788 major : 05 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint8(111) 40026788 minor : 00 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint8(111) 40026788 pkt_type : 00 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint8(111) 40026788 flags : 03 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 pack_type : 00000010 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint16(125) 40026788 frag_len : 0122 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint16(125) 40026788 auth_len : 0000 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 call_id : 00000005 [1998/10/12 14:15:06, 3] rpc_server/srv_util.c:api_pipe_request(449) Doing \PIPE\NETLOGON [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_debug(36) 000010 smb_io_rpc_hdr_req req [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 alloc_hint: 0000010a [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint16(125) 40026788 context_id: 0000 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint16(125) 40026788 opnum : 0002 [1998/10/12 14:15:06, 4] rpc_server/srv_util.c:api_rpc_command(498) api_rpc_command: api_netlog_rpc op 0x2 - api_rpc_command: NET_SAMLOGON [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_debug(36) 000018 net_io_q_sam_logon [1998/10/12 14:15:06, 6] rpc_parse/parse_prs.c:prs_debug(36) 000018 smb_io_sam_info [1998/10/12 14:15:06, 7] rpc_parse/parse_prs.c:prs_debug(36) 000018 smb_io_clnt_info2 [1998/10/12 14:15:06, 8] rpc_parse/parse_prs.c:prs_debug(36) 000018 smb_io_clnt_srv [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 undoc_buffer : 001481f8 [1998/10/12 14:15:06, 9] rpc_parse/parse_prs.c:prs_debug(36) 00001c smb_io_unistr2 unistr2 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 uni_max_len: 00000009 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 undoc : 00000000 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 uni_str_len: 00000009 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_unistr2(213) 40026788 buffer : .\.\.B.R.A.Z.I.L.. [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 undoc_buffer2: 757c3cb4 [1998/10/12 14:15:06, 9] rpc_parse/parse_prs.c:prs_debug(36) 000040 smb_io_unistr2 unistr2 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 uni_max_len: 00000009 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 undoc : 00000000 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 uni_str_len: 00000009 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_unistr2(213) 40026788 buffer : .P.C.N.T.E.X.0.7.. [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 ptr_cred: 0139f9f8 [1998/10/12 14:15:06, 8] rpc_parse/parse_prs.c:prs_debug(36) 000064 smb_io_cred [1998/10/12 14:15:06, 9] rpc_parse/parse_prs.c:prs_debug(36) 000064 smb_io_chal [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint8s(154) 40026788 data: d8 91 44 06 bf a6 83 08 [1998/10/12 14:15:06, 9] rpc_parse/parse_prs.c:prs_debug(36) 00006c smb_io_utime [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 time: 3621f1cd [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 ptr_rtn_cred : 0139fa04 [1998/10/12 14:15:06, 7] rpc_parse/parse_prs.c:prs_debug(36) 000074 smb_io_cred [1998/10/12 14:15:06, 8] rpc_parse/parse_prs.c:prs_debug(36) 000074 smb_io_chal [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint8s(154) 40026788 data: b9 6e f7 77 00 00 14 00 [1998/10/12 14:15:06, 8] rpc_parse/parse_prs.c:prs_debug(36) 00007c smb_io_utime [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 time: 00000000 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint16(125) 40026788 logon_level : 0001 [1998/10/12 14:15:06, 7] rpc_parse/parse_prs.c:prs_debug(36) 000082 smb_io_sam_info logon_info [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint16(125) 40026788 switch_value : 0001 [1998/10/12 14:15:06, 8] rpc_parse/parse_prs.c:prs_debug(36) 000084 net_io_id_info1 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 ptr_id_info1: 0139fce4 [1998/10/12 14:15:06, 9] rpc_parse/parse_prs.c:prs_debug(36) 000088 smb_io_unihdr unihdr [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint16(125) 40026788 uni_str_len: 000e [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint16(125) 40026788 uni_max_len: 000e [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 buffer : 0014b10e [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 param_ctrl: 00000000 [1998/10/12 14:15:06, 9] rpc_parse/parse_prs.c:prs_debug(36) 000094 smb_io_logon_id [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 low : 000025e5 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 high: 00000000 [1998/10/12 14:15:06, 9] rpc_parse/parse_prs.c:prs_debug(36) 00009c smb_io_unihdr unihdr [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint16(125) 40026788 uni_str_len: 0010 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint16(125) 40026788 uni_max_len: 0010 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 buffer : 0014b0fc [1998/10/12 14:15:06, 9] rpc_parse/parse_prs.c:prs_debug(36) 0000a4 smb_io_unihdr unihdr [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint16(125) 40026788 uni_str_len: 0010 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint16(125) 40026788 uni_max_len: 0012 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 buffer : 001443c0 [1998/10/12 14:15:06, 9] rpc_parse/parse_prs.c:prs_debug(36) 0000ac smb_io_owf_info [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint8s(154) 40026788 data: 55 df 6a f5 32 57 2f e0 10 93 7c 15 1e 74 b c aa [1998/10/12 14:15:06, 9] rpc_parse/parse_prs.c:prs_debug(36) 0000bc smb_io_owf_info [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint8s(154) 40026788 data: 61 08 9a 62 bd c7 f4 a3 e6 b6 28 a6 db df 0 2 34 [1998/10/12 14:15:06, 9] rpc_parse/parse_prs.c:prs_debug(36) 0000cc smb_io_unistr2 unistr2 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 uni_max_len: 00000007 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 undoc : 00000000 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 uni_str_len: 00000007 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_unistr2(213) 40026788 buffer : .A.M.A.Z.O.N.E [1998/10/12 14:15:06, 9] rpc_parse/parse_prs.c:prs_debug(36) 0000e6 smb_io_unistr2 unistr2 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 uni_max_len: 00000008 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 undoc : 00000000 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 uni_str_len: 00000008 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_unistr2(213) 40026788 buffer : .j.l.a.h.e.l.l.e [1998/10/12 14:15:06, 9] rpc_parse/parse_prs.c:prs_debug(36) 000104 smb_io_unistr2 unistr2 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 uni_max_len: 00000009 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 undoc : 00000000 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026788 uni_str_len: 00000008 [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_unistr2(213) 40026788 buffer : .P.C.N.T.E.X.0.7.. [1998/10/12 14:15:06, 5] rpc_parse/parse_prs.c:prs_uint16(125) 40026788 validation_level: 0003 [1998/10/12 14:15:06, 5] libsmb/credentials.c:deal_with_creds(187) deal_with_creds: 187 [1998/10/12 14:15:06, 4] libsmb/credentials.c:cred_create(95) cred_create [1998/10/12 14:15:06, 5] libsmb/credentials.c:cred_create(97) sess_key : 13649747B952B681 [1998/10/12 14:15:06, 5] libsmb/credentials.c:cred_create(98) stor_cred: 779C79E0EEE5B45B [1998/10/12 14:15:06, 5] libsmb/credentials.c:cred_create(99) timestamp: 3621f1cd [1998/10/12 14:15:06, 5] libsmb/credentials.c:cred_create(100) timecred : 448E9B16EEE5B45B [1998/10/12 14:15:06, 5] libsmb/credentials.c:cred_create(101) calc_cred: D8914406BFA68308 [1998/10/12 14:15:06, 4] libsmb/credentials.c:cred_assert(126) cred_assert [1998/10/12 14:15:06, 5] libsmb/credentials.c:cred_assert(128) challenge : D8914406BFA68308 [1998/10/12 14:15:06, 5] libsmb/credentials.c:cred_assert(129) calculated: D8914406BFA68308 [1998/10/12 14:15:06, 5] libsmb/credentials.c:cred_assert(133) credentials check ok [1998/10/12 14:15:06, 5] libsmb/credentials.c:deal_with_creds(203) deal_with_creds: new_cred[0]=169b8e45 [1998/10/12 14:15:06, 5] libsmb/credentials.c:deal_with_creds(208) deal_with_creds: new_clnt_time=3621f1ce [1998/10/12 14:15:06, 4] libsmb/credentials.c:cred_create(95) cred_create [1998/10/12 14:15:06, 5] libsmb/credentials.c:cred_create(97) sess_key : 13649747B952B681 [1998/10/12 14:15:06, 5] libsmb/credentials.c:cred_create(98) stor_cred: 779C79E0EEE5B45B [1998/10/12 14:15:07, 5] libsmb/credentials.c:cred_create(99) timestamp: 3621f1ce [1998/10/12 14:15:07, 5] libsmb/credentials.c:cred_create(100) timecred : 458E9B16EEE5B45B [1998/10/12 14:15:07, 5] libsmb/credentials.c:cred_create(101) calc_cred: B8B63D4332BFB9DE [1998/10/12 14:15:07, 5] libsmb/credentials.c:deal_with_creds(214) deal_with_creds: clnt_cred=779C79E0EEE5B45B [1998/10/12 14:15:07, 3] rpc_server/srv_netlog.c:api_net_sam_logon(621) SAM Logon (Interactive). Domain:[AMAZONE]. unistrn2: 6a 6c 61 68 65 6c 6c 65 [1998/10/12 14:15:07, 3] rpc_server/srv_netlog.c:api_net_sam_logon(647) User:[jlahelle] [1998/10/12 14:15:07, 10] passdb/passdb.c:iterate_getsmbpwnam(130) search by name: jlahelle [1998/10/12 14:15:07, 10] passdb/smbpass.c:startsmbfilepwent(45) startsmbfilepwent: opening file /soft/cvsget3run/private/smbpasswd [1998/10/12 14:15:07, 100] passdb/smbpass.c:getsmbfilepwent(137) getsmbfilepwent: got line |# Samba SMB password file| [1998/10/12 14:15:07, 6] passdb/smbpass.c:getsmbfilepwent(159) getsmbfilepwent: skipping comment or blank line [1998/10/12 14:15:07, 100] passdb/smbpass.c:getsmbfilepwent(137) getsmbfilepwent: got line |pcntmi13$:9997:6AC10C852A226F1C1FD1EAB2D9B4E20F:6AC 10C852A226F1C1FD1EAB2D9B4E20F:[W ]:LCT-3621B345:| [1998/10/12 14:15:07, 5] passdb/smbpass.c:getsmbfilepwent(252) getsmbfilepwent: returning passwd entry for user pcntmi13$, uid 9997 [1998/10/12 14:15:07, 100] passdb/smbpass.c:getsmbfilepwent(137) getsmbfilepwent: got line |lmenu:9666:93F202BB581683A7AAD3B435B51404EE:A725F22 CD78658E45CF6E08670BFBA70:[U ]:LCT-3621EF7C:| [1998/10/12 14:15:07, 5] passdb/smbpass.c:getsmbfilepwent(252) getsmbfilepwent: returning passwd entry for user lmenu, uid 9666 [1998/10/12 14:15:07, 100] passdb/smbpass.c:getsmbfilepwent(137) getsmbfilepwent: got line |jlahelle:4303:93F202BB581683A7AAD3B435B51404EE:A725 F22CD78658E45CF6E08670BFBA70:[U ]:LCT-3621EFCC:| [1998/10/12 14:15:07, 5] passdb/smbpass.c:getsmbfilepwent(252) getsmbfilepwent: returning passwd entry for user jlahelle, uid 4303 [1998/10/12 14:15:07, 10] passdb/passdb.c:iterate_getsmbpwnam(146) found by name: jlahelle [1998/10/12 14:15:07, 7] passdb/smbpass.c:endsmbfilepwent(81) endsmbfilepwent: closed password file. [1998/10/12 14:15:07, 100] rpc_server/srv_netlog.c:net_login_interactive(513) decrypt of lm owf password:[000] 93 F2 02 BB 58 16 83 A7 10 93 7C 15 1E 74 BC AA ....X... ..|..t.. [1998/10/12 14:15:07, 100] rpc_server/srv_netlog.c:net_login_interactive(516) decrypt of nt owf password:[000] A7 25 F2 2C D7 86 58 E4 E6 B6 28 A6 DB DF 02 34 .%.,..X. ..(....4 [1998/10/12 14:15:07, 5] rpc_parse/parse_prs.c:prs_debug(36) 000000 net_io_r_sam_logon [1998/10/12 14:15:07, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40049a90 buffer_creds: 00000001 [1998/10/12 14:15:07, 6] rpc_parse/parse_prs.c:prs_debug(36) 000004 smb_io_cred [1998/10/12 14:15:07, 7] rpc_parse/parse_prs.c:prs_debug(36) 000004 smb_io_chal [1998/10/12 14:15:07, 5] rpc_parse/parse_prs.c:prs_uint8s(154) 40049a90 data: b8 b6 3d 43 32 bf b9 de [1998/10/12 14:15:07, 7] rpc_parse/parse_prs.c:prs_debug(36) 00000c smb_io_utime [1998/10/12 14:15:07, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40049a90 time: 00000000 [1998/10/12 14:15:07, 5] rpc_parse/parse_prs.c:prs_uint16(125) 40049a90 switch_value: 0000 [1998/10/12 14:15:07, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40049a90 auth_resp : 00000001 [1998/10/12 14:15:07, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40049a90 status : c000006a [1998/10/12 14:15:07, 10] rpc_server/srv_util.c:api_rpc_command(537) called api_netlog_rpc [1998/10/12 14:15:07, 5] rpc_server/srv_util.c:create_rpc_reply(169) create_rpc_reply: data_start: 0 data_end: 28 max_tsize: 5680 [1998/10/12 14:15:07, 5] rpc_parse/parse_prs.c:prs_debug(36) 000000 smb_io_rpc_hdr hdr [1998/10/12 14:15:07, 5] rpc_parse/parse_prs.c:prs_uint8(111) 40026a80 major : 05 [1998/10/12 14:15:07, 5] rpc_parse/parse_prs.c:prs_uint8(111) 40026a80 minor : 00 [1998/10/12 14:15:07, 5] rpc_parse/parse_prs.c:prs_uint8(111) 40026a80 pkt_type : 02 [1998/10/12 14:15:07, 5] rpc_parse/parse_prs.c:prs_uint8(111) 40026a80 flags : 03 [1998/10/12 14:15:07, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026a80 pack_type : 00000010 [1998/10/12 14:15:07, 5] rpc_parse/parse_prs.c:prs_uint16(125) 40026a80 frag_len : 0034 [1998/10/12 14:15:07, 5] rpc_parse/parse_prs.c:prs_uint16(125) 40026a80 auth_len : 0000 [1998/10/12 14:15:07, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026a80 call_id : 00000005 [1998/10/12 14:15:07, 5] rpc_parse/parse_prs.c:prs_debug(36) 000010 smb_io_rpc_hdr_resp resp [1998/10/12 14:15:07, 5] rpc_parse/parse_prs.c:prs_uint32(139) 40026a80 alloc_hint: 0000001c [1998/10/12 14:15:07, 5] rpc_parse/parse_prs.c:prs_uint16(125) 40026a80 context_id: 0000 [1998/10/12 14:15:07, 5] rpc_parse/parse_prs.c:prs_uint8(111) 40026a80 cancel_ct : 00 [1998/10/12 14:15:07, 5] rpc_parse/parse_prs.c:prs_uint8(111) 40026a80 reserved : 00 [1998/10/12 14:15:07, 5] smbd/ipc.c:copy_trans_params_and_data(150) copy_trans_params_and_data: params[0..0] data[0..52] [1998/10/12 14:15:07, 5] lib/util.c:show_msg(996) size=108 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=1 [1998/10/12 14:15:07, 5] lib/util.c:show_msg(1002) smb_tid=1 smb_pid=9632 smb_uid=100 smb_mid=832 smt_wct=10 [1998/10/12 14:15:07, 5] lib/util.c:show_msg(1007) smb_vwv[0]=0 (0x0) [1998/10/12 14:15:07, 5] lib/util.c:show_msg(1007) smb_vwv[1]=52 (0x34) [1998/10/12 14:15:07, 5] lib/util.c:show_msg(1007) smb_vwv[2]=0 (0x0) [1998/10/12 14:15:07, 5] lib/util.c:show_msg(1007) smb_vwv[3]=0 (0x0) [1998/10/12 14:15:07, 5] lib/util.c:show_msg(1007) smb_vwv[4]=56 (0x38) [1998/10/12 14:15:07, 5] lib/util.c:show_msg(1007) smb_vwv[5]=0 (0x0) [1998/10/12 14:15:07, 5] lib/util.c:show_msg(1007) smb_vwv[6]=52 (0x34) [1998/10/12 14:15:07, 5] lib/util.c:show_msg(1007) smb_vwv[7]=56 (0x38) [1998/10/12 14:15:07, 5] lib/util.c:show_msg(1007) smb_vwv[8]=0 (0x0) [1998/10/12 14:15:07, 5] lib/util.c:show_msg(1007) smb_vwv[9]=0 (0x0) [1998/10/12 14:15:07, 5] lib/util.c:show_msg(1012) smb_bcc=53 [1998/10/12 14:15:07, 10] lib/util.c:dump_data(4694) [000] 00 05 00 02 03 10 00 00 00 34 00 00 00 05 00 00 ........ .4...... [1998/10/12 14:15:07, 10] lib/util.c:dump_data(4702) [010] 00 1C 00 00 00 00 00 00 00 01 00 00 00 B8 B6 3D ........ .......= [1998/10/12 14:15:07, 10] lib/util.c:dump_data(4702) [020] 43 32 BF B9 DE 00 00 00 00 00 00 00 00 01 00 00 C2...... ........ [1998/10/12 14:15:07, 10] lib/util.c:dump_data(4702) [030] 00 6A 00 00 C0 .j... [1998/10/12 14:15:07, 6] lib/util.c:write_socket(1836) write_socket(6,112) [1998/10/12 14:15:07, 6] lib/util.c:write_socket(1839) write_socket(6,112) wrote 112 [1998/10/12 14:15:17, 3] lib/util.c:ChDir(1232) chdir to /soft [1998/10/12 14:15:17, 5] smbd/uid.c:unbecome_user(343) unbecome_user now uid=(0,0) gid=(0,0) From tom.turpin at rptg.ryobi.com Mon Oct 12 17:42:42 1998 From: tom.turpin at rptg.ryobi.com (Tom Turpin) Date: Tue Dec 2 02:24:33 2003 Subject: NT Logins no longer functioning. Message-ID: <1E3CD9E2453ED211A85C080009DCA6690A15AF@RYOBI4> I downloaded the latest/bloodiest this morning and decided to move some things around. In the process, I blew away the prior version. I have now gotten samba to appear to be up functioning again. However, when I try to login through my NT workstation. It claims that the password is not correct. I have used the smbclient that comes with Samba, and it works just fine. Any ideas? Thanks in advance. Also, output from my testparm is attached below. <> Thomas B. Turpin Engineering/CAD Systems Administration Ryobi Motor Products Phone: (864) 878-6331 ext. 4166 Fax: (864) 898-4088 E-mail: tom.turpin@rptg.ryobi.com -------------- next part -------------- Load smb config files from /samba/lib/smb.conf Processing section "[homes]" Processing section "[netlogon]" Processing section "[Profiles]" Processing section "[printers]" Processing section "[tmp]" Loaded services file OK. Press enter to see a dump of your service definitions # Global parameters workgroup = CAD netbios name = CAD netbios aliases = KONG server string = CAD interfaces = bind interfaces only = No security = USER encrypt passwords = Yes update encrypted = No use rhosts = No null passwords = No password server = smb passwd file = /samba/private/smbpasswd hosts equiv = root directory = / passwd program = /samba/bin/smbpasswd passwd chat = *old*password* %o\n *new*password* %n\n *new*password* %n\n *changed* passwd chat debug = No username map = password level = 0 username level = 0 unix password sync = No log level = 2 syslog = 1 syslog only = No log file = /samba/var/log.%m max log size = 50 timestamp logs = Yes protocol = NT1 read bmpx = Yes read raw = Yes write raw = Yes networkstation user login = No nt smb support = Yes announce version = 4.2 announce as = NT max mux = 50 max xmit = 65535 name resolve order = lmhosts host wins bcast max packet = 65535 max ttl = 259200 max wins ttl = 518400 min wins ttl = 21600 time server = No change notify timeout = 60 deadtime = 0 getwd cache = Yes keepalive = 300 lpq cache time = 10 max disk size = 0 max open files = 10000 read prediction = No read size = 16384 shared mem size = 1048576 socket options = TCP_NODELAY stat cache size = 50 load printers = Yes printcap name = lpstat printer driver file = /samba/lib/printers.def strip dot = No character set = mangled stack = 50 coding system = client code page = 850 stat cache = Yes domain sid = domain groups = admin domain controller = Yes domain admin group = turpint domain guest group = domain admin users = domain guest users = machine password timeout = 604800 logon script = %m.bat logon path = \\%L\Profiles\%U logon drive = logon home = \\%N\%U domain logons = Yes os level = 33 lm announce = Auto lm interval = 60 preferred master = Yes local master = Yes domain master = Yes browse list = Yes dns proxy = No wins proxy = No wins server = wins support = No kernel oplocks = Yes ole locking compatibility = Yes smbrun = /samba/bin/smbrun config file = preload = lock dir = /samba/var/locks default service = message command = dfree command = valid chars = remote announce = remote browse sync = socket address = 0.0.0.0 homedir map = time offset = 0 unix realname = No NIS homedir = No panic action = comment = path = alternate permissions = No revalidate = No username = guest account = nobody invalid users = valid users = admin users = read list = write list = force user = force group = read only = Yes create mask = 0744 force create mode = 00 directory mask = 0755 force directory mode = 00 guest only = No guest ok = No only user = No hosts allow = hosts deny = status = Yes max connections = 0 min print space = 0 strict sync = No sync always = No print ok = No postscript = No printing = bsd print command = lp -c -d%p %s; rm %s lpq command = lpstat -o%p lprm command = cancel %p-%j lppause command = lp -i %p-%j -H hold lpresume command = lp -i %p-%j -H resume queuepause command = lpc stop %p queueresume command = lpc start %p printer name = printer driver = NULL printer driver location = default case = lower case sensitive = No preserve case = Yes short preserve case = Yes mangle case = No mangling char = ~ hide dot files = Yes delete veto files = No veto files = hide files = veto oplock files = map system = No map hidden = No map archive = Yes mangled names = Yes mangled map = browseable = Yes blocking locks = Yes fake oplocks = No locking = Yes oplocks = Yes strict locking = No share modes = Yes copy = include = exec = postexec = root preexec = root postexec = available = Yes volume = fstype = NTFS set directory = No wide links = Yes follow symlinks = Yes dont descend = magic script = magic output = delete readonly = No dos filetimes = No dos filetime resolution = No fake directory create times = No [homes] comment = Home Directories read only = No browseable = No [netlogon] comment = Network Logon Service path = /samba/lib/netlogon guest ok = Yes share modes = No [Profiles] path = /samba/profiles read only = No browseable = No [printers] comment = All Printers path = /samba print ok = Yes browseable = No [tmp] comment = Temporary file space path = /tmp write list = @admin guest ok = Yes From e92_jlu at e.kth.se Mon Oct 12 19:14:41 1998 From: e92_jlu at e.kth.se (John =?ISO-8859-1?Q?Lundb=E4ck?=) Date: Tue Dec 2 02:24:33 2003 Subject: NT Logins no longer functioning. In-Reply-To: Your message of "Tue, 13 Oct 1998 03:49:46 +1000." <1E3CD9E2453ED211A85C080009DCA6690A15AF@RYOBI4> Message-ID: <199810121914.VAA01685@kinshasa.e.kth.se> > > I downloaded the latest/bloodiest this morning and decided to move some > things around. In the process, I blew away the prior version. I have now > gotten samba to appear to be up functioning again. However, when I try to > login through my NT workstation. It claims that the password is not > correct. I have used the smbclient that comes with Samba, and it works just > fine. Any ideas? Thanks in advance. Also, output from my testparm is > attached below. > Well, for me I compiled alpha-9 and tested it and found it blew right out into the blue sky. However during the testing of this version I added some computers using the smbpasswd -a -m machine$ command. When I later switched back to alpha-7 version which worked, I found out that all the computers I added with the newer version of smbpasswd could not access any other computer on the LAN as samba complained that the password was incorrect. The solution which worked for me was to remove all the entries in the smbpasswd file and redo the smbpasswd -a -m foo$ command. After which all my computers lived happily together on the LAN. Regards, John From tom.turpin at rptg.ryobi.com Mon Oct 12 19:26:25 1998 From: tom.turpin at rptg.ryobi.com (Tom Turpin) Date: Tue Dec 2 02:24:33 2003 Subject: Encryption Problem Message-ID: <1E3CD9E2453ED211A85C080009DCA6690A15B1@RYOBI4> With this morning CVS download, it seems that NT stations no longer seem to be able to login. Let me know if you think I have made mistakes or improperly configured the settings. Smb.conf follows: # This is the main Samba configuration file. You should read the # smb.conf(5) manual page in order to understand the options listed # here. Samba has a huge number of configurable options (perhaps too # many!) most of which are not shown in this example # # Any line which starts with a ; (semi-colon) or a # (hash) # is a comment and is ignored. In this example we will use a # # for commentary and a ; for parts of the config file that you # may wish to enable # # NOTE: Whenever you modify this file you should run the command "testparm" # to check that you have not many any basic syntactic errors. # #======================= Global Settings ===================================== [global] encrypt passwords = yes null passwords = no netbios name = CAD ; netbios aliases = KONG networkstation user login = no domain admin users = turpint domain groups = admin domain controller = yes hosts allow = 172.20., 172.23., 127. # workgroup = NT-Domain-Name or Workgroup-Name, eg: REDHAT4 workgroup = CAD # server string is the equivalent of the NT Description field server string = CAD # This option is important for security. It allows you to restrict # connections to machines which are on your local network. The # following example restricts access to two C class networks and # the "loopback" interface. For more examples of the syntax see # the smb.conf man page ; hosts allow = 192.168.1. 192.168.2. 127. # If you want to automatically load your printer list rather # than setting them up individually then you'll need this load printers = yes # you may wish to override the location of the printcap file printcap name = /etc/printcap # on SystemV system setting printcap name to lpstat should allow # you to automatically obtain a printer list from the SystemV spool # system printcap name = lpstat # It should not be necessary to specify the print system type unless # it is non-standard. Currently supported print systems include: # bsd, sysv, plp, lprng, aix, hpux, qnx printing = bsd # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used ; guest account = pcguest # this tells Samba to use a separate log file for each machine # that connects log file = /samba/var/log.%m # Put a capping on the size of the log files (in Kb). max log size = 50 # Security mode. Most people will want user level security. See # security_level.txt for details. security = user # Use password server option only with security = server ; password server = # You may wish to use password encryption. Please read # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. # Do not enable this option unless you have read those documents ; encrypt passwords = yes # Using the following line enables you to customise your configuration # on a per machine basis. The %m gets replaced with the netbios name # of the machine that is connecting ; include = /samba/lib/smb.conf.%m # Most people will find that this option gives better performance. # See speed.txt and the manual pages for details socket options = TCP_NODELAY # Configure Samba to use multiple interfaces # If you have multiple network interfaces then you must list them # here. See the man page for details. ; interfaces = 192.168.12.2/24 192.168.13.2/24 # Browser Control Options: # set local master to no if you don't want Samba to become a master # browser on your network. Otherwise the normal election rules apply ; local master = no # OS Level determines the precedence of this server in master browser # elections. The default value should be reasonable os level = 33 # Domain Master specifies Samba to be the Domain Master Browser. This # allows Samba to collate browse lists between subnets. Don't use this # if you already have a Windows NT domain controller doing this job domain master = yes # Preferred Master causes Samba to force a local browser election on startup # and gives it a slightly higher chance of winning the election preferred master = yes # Use only if you have an NT server on your network that has been # configured at install time to be a primary domain controller. ; domain controller = # Enable this if you want Samba to be a domain logon server for # Windows95 workstations. domain logons = yes # if you enable domain logons then you may want a per-machine or # per user logon script # run a specific logon batch file per workstation (machine) logon script = %m.bat # run a specific logon batch file per username ; logon script = %U.bat # Where to store roving profiles (only for Win95 and WinNT) # %L substitutes for this servers netbios name, %U is username # You must uncomment the [Profiles] share below logon path = \\%L\Profiles # Windows Internet Name Serving Support Section: # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server ; wins support = yes # WINS Server - Tells the NMBD components of Samba to be a WINS Client # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both ; wins server = 172.20.10.6 # WINS Proxy - Tells Samba to answer name resolution queries on # behalf of a non WINS capable client, for this to work there must be # at least one WINS Server on the network. The default is NO. ; wins proxy = yes # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names # via DNS nslookups. The built-in default for versions 1.9.17 is yes, # this has been changed in version 1.9.18 to no. dns proxy = no #============================ Share Definitions ============================== [homes] comment = Home Directories browseable = no writable = yes # Un-comment the following and create the netlogon directory for Domain Logons [netlogon] comment = Network Logon Service path = /samba/lib/netlogon guest ok = yes writable = no share modes = no # Un-comment the following to provide a specific roving profile share # the default is to use the user's home directory [Profiles] path = /samba/profiles browseable = no writable = yes guest ok = no # NOTE: If you have a BSD-style print system there is no need to # specifically define each individual printer [printers] comment = All Printers path = /samba browseable = no # Set public = yes to allow user 'guest account' to print guest ok = no writable = no printable = yes # This one is useful for people to share files [tmp] comment = Temporary file space path = /tmp read only = yes write list = @admin public = yes # A publicly accessible directory, but read only, except for people in # the "staff" group ;[public] ; comment = Public Stuff ; path = /home/samba ; public = yes ; writable = yes ; printable = no ; write list = @staff # Other examples. # # A private printer, usable only by fred. Spool data will be placed in fred's # home directory. Note that fred must have write access to the spool directory, # wherever it is. ;[fredsprn] ; comment = Fred's Printer ; valid users = fred ; path = /homes/fred ; printer = freds_printer ; public = no ; writable = no ; printable = yes # A private directory, usable only by fred. Note that fred requires write # access to the directory. ;[fredsdir] ; comment = Fred's Service ; path = /usr/somewhere/private ; valid users = fred ; public = no ; writable = yes ; printable = no # a service which has a different directory for each machine that connects # this allows you to tailor configurations to incoming machines. You could # also use the %U option to tailor it by user name. # The %m gets replaced with the machine name that is connecting. ;[pchome] ; comment = PC Directories ; path = /usr/pc/%m ; public = no ; writable = yes # A publicly accessible directory, read/write to all users. Note that all files # created in the directory by users will be owned by the default user, so # any user with access can delete any other user's files. Obviously this # directory must be writable by the default user. Another user could of course # be specified, in which case all files would be owned by that user instead. ;[public] ; path = /usr/somewhere/else/public ; public = yes ; only guest = yes ; writable = yes ; printable = no # The following two entries demonstrate how to share a directory so that two # users can place files there that will be owned by the specific users. In this # setup, the directory should be writable by both users and should have the # sticky bit set on it to prevent abuse. Obviously this could be extended to # as many users as required. ;[myshare] ; comment = Mary's and Fred's stuff ; path = /usr/somewhere/shared ; valid users = mary fred ; public = no ; writable = yes ; printable = no ; create mask = 0765 Thomas B. Turpin Engineering/CAD Systems Administration Ryobi Motor Products Phone: (864) 878-6331 ext. 4166 Fax: (864) 898-4088 E-mail: tom.turpin@rptg.ryobi.com From jamest at math.ksu.edu Mon Oct 12 21:58:11 1998 From: jamest at math.ksu.edu (James Thompson) Date: Tue Dec 2 02:24:33 2003 Subject: Encryption Problem In-Reply-To: <1E3CD9E2453ED211A85C080009DCA6690A15B1@RYOBI4> Message-ID: On Tue, 13 Oct 1998, Tom Turpin wrote: > With this morning CVS download, it seems that NT stations no longer seem to > be able to login. Let me know if you think I have made mistakes or > improperly configured the settings. > I am experiencing the exact same problem. I have noticed however that I can still From shad at travelware.net Tue Oct 13 03:09:26 1998 From: shad at travelware.net (Shad O'Neil) Date: Tue Dec 2 02:24:33 2003 Subject: Encryption Problem In-Reply-To: Message-ID: <000801bdf656$e2b70ef0$9033b3cf@superman.travelware.net> My binary install on a Redhat 5.1 box (security = domain) had troubles when joining the domain. It joined fine and made the MACHINE.SID file but didn't make the ..mac file. It had an error that it couldn't find /etc/codepages/codepage.850. What does that mean? Shad O'Neil From jamest at math.ksu.edu Tue Oct 13 13:30:43 1998 From: jamest at math.ksu.edu (James Thompson) Date: Tue Dec 2 02:24:33 2003 Subject: Encryption Problem In-Reply-To: <1E3CD9E2453ED211A85C080009DCA6690A15B3@RYOBI4> Message-ID: On Tue, 13 Oct 1998, Tom Turpin wrote: > You can still?? Your message was truncated. > Sorry about that. Musta hit send not postpone, I was going to make sure I didn't mess up somewhere before sending. But since I started.... I too cannot connect to my samba PDC from the NT logon after updating to Monday mornings CVS code (Previous CVS code worked during logins but would not let me create files.) I get the error about computer not being part of the domain or the password being incorrect. I had used the command smbpasswd -a -m machinename to add the machine to the password file. Which created a machinename$ entry in the smbpasswd file. I read the the password for the machine names should be automatically set to the word machine so I used smbpasswd to reset the password to machine. Still no luck. Wierd thing is that the samba server is accepting passwords just fine from the NT box. I log on localy as the administrator on the machine then I can connect to shares on the server as a user listed in the smbpasswd file, file creation seems normal, everything seems fine. It just the initial logon that won't work. I deleted the smbpassword, and repeated all steps with the same results. My inital attempts were with the same smb.conf I was using before which did work with previous cvs code (that didn't allow file creation). Since then I've tried alpha7 and alpha 8 without any luck. Anyway, that's where I'm at now. I'm off to update my CVS tree and start anew with some debugging to try and find where things are going wrong. ->->->->->->->->->->->->->->->->->->---<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-< James Thompson 138 Cardwell Hall Manhattan, Ks 66506 785-532-0561 Kansas State University Department of Mathematics ->->->->->->->->->->->->->->->->->->---<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-< From tom.turpin at rptg.ryobi.com Tue Oct 13 15:08:59 1998 From: tom.turpin at rptg.ryobi.com (Tom Turpin) Date: Tue Dec 2 02:24:33 2003 Subject: Profiles appear to be broken as of Monday afternoon Message-ID: <1E3CD9E2453ED211A85C080009DCA6690A15B7@RYOBI4> I think profiles are broken. Please let me know what debug info to try to collect. I am running on a Sparc 20 with 2.6 and Monday's CVS. Thomas B. Turpin Engineering/CAD Systems Administration Ryobi Motor Products Phone: (864) 878-6331 ext. 4166 Fax: (864) 898-4088 E-mail: tom.turpin@rptg.ryobi.com From peloy at ven.ra.rockwell.com Tue Oct 13 15:01:00 1998 From: peloy at ven.ra.rockwell.com (peloy@ven.ra.rockwell.com) Date: Tue Dec 2 02:24:33 2003 Subject: Encryption Problem References: <1E3CD9E2453ED211A85C080009DCA6690A15B3@RYOBI4> Message-ID: <6vvpvc$bv3$1@zeus.ven.ra.rockwell.com> James Thompson wrote: > I too cannot connect to my samba PDC from the NT logon after updating to > Monday mornings CVS code (Previous CVS code worked during logins but would > not let me create files.) [...] Same here (now I can't log into the Samba PDC and before I could log in but could not read/write from/to the Samba server). peloy.- From ivey at realminfo.com Tue Oct 13 17:14:07 1998 From: ivey at realminfo.com (Michael D. Ivey) Date: Tue Dec 2 02:24:33 2003 Subject: Profiles appear to be broken as of Monday afternoon In-Reply-To: <1E3CD9E2453ED211A85C080009DCA6690A15B7@RYOBI4>; from Tom Turpin on Wed, Oct 14, 1998 at 01:16:16AM +1000 References: <1E3CD9E2453ED211A85C080009DCA6690A15B7@RYOBI4> Message-ID: <19981013131407.A31649@bagheera.realminfo.com> On Wed, Oct 14, 1998 at 01:16:16AM +1000, Tom Turpin wrote: > I think profiles are broken. Please let me know what debug info to try to > collect. I am running on a Sparc 20 with 2.6 and Monday's CVS. It seems like it may have been earlier than that. My WinFrame box is refusing to play nicely, and I think it's profile related. This happened last week sometime. btw: is samba-ntdom really dead, and should be moved to samba-technical, or did I make that up? /mdi -- Michael D. Ivey - Director of Emerging Technologies ivey@realminfo.com http://www.realminfo.com/~ivey/ From william at hae.com Tue Oct 13 19:10:02 1998 From: william at hae.com (William Stuart) Date: Tue Dec 2 02:24:33 2003 Subject: Profiles appear to be broken as of Monday afternoon In-Reply-To: <19981013131407.A31649@bagheera.realminfo.com> Message-ID: On Wed, 14 Oct 1998, Michael D. Ivey wrote: > btw: is samba-ntdom really dead, and should be moved to samba-technical, > or did I make that up? > > /mdi I think you are thinking of the BRANCH_NTDOM on cvs. The samba-ntdom mailing list is alive and almost too active. William From ivey at realminfo.com Tue Oct 13 19:13:43 1998 From: ivey at realminfo.com (Michael D. Ivey) Date: Tue Dec 2 02:24:34 2003 Subject: Profiles appear to be broken as of Monday afternoon In-Reply-To: ; from James Thompson on Tue, Oct 13, 1998 at 01:46:30PM -0500 References: <19981013131407.A31649@bagheera.realminfo.com> Message-ID: <19981013151343.A641@bagheera.realminfo.com> On Tue, Oct 13, 1998 at 01:46:30PM -0500, James Thompson wrote: > On Wed, 14 Oct 1998, Michael D. Ivey wrote: > > > > > btw: is samba-ntdom really dead, and should be moved to samba-technical, > > or did I make that up? > > > > I have not read this anywhere. Where did you here that? Someone who reads bugs@samba.anu told me that the plan was to move everything to technical, since BRANCH_NTDOM was now mainstream. I've started sending to both, since half the time I get an answer from either one. 2 halves make a whole, right? =) /mdi -- Michael D. Ivey - Director of Emerging Technologies ivey@realminfo.com http://www.realminfo.com/~ivey/ From paul at argo.demon.co.uk Tue Oct 13 18:28:33 1998 From: paul at argo.demon.co.uk (Paul Ashton) Date: Tue Dec 2 02:24:34 2003 Subject: NDS for Samba Message-ID: <199810131928.UAA05899@argo.demon.co.uk> ... well for linux at least. Novell are porting NDS to Linux. See http://slashdot.org Paul From greg at discreet.com Tue Oct 13 20:05:57 1998 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:24:34 2003 Subject: Dohhh! broken compile on IRIX - CVS Message-ID: Hi, Latest cvs fetch (around noon on Tues.) does not appear to compile. I get: Compiling smbwrapper/smbw.c with -KPIC "smbwrapper/smbw.c", line 1338: error(1020): identifier "aclent_t" is undefined int smbw_acl(const char *pathp, int cmd, int nentries, aclent_t *aclbufp) ^ "smbwrapper/smbw.c", line 1340: error(1020): identifier "GETACL" is undefined if (cmd == GETACL || cmd == GETACLCNT) return 0; ^ "smbwrapper/smbw.c", line 1340: error(1020): identifier "GETACLCNT" is undefined if (cmd == GETACL || cmd == GETACLCNT) return 0; ^ 3 errors detected in the compilation of "smbwrapper/smbw.c". *** Error code 2 (bu21) Thanks, Greg --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet logic Montreal (514) 954-7171 greg@discreet.com From harald at penti.sit.fi Tue Oct 13 20:28:58 1998 From: harald at penti.sit.fi (Harald H Hannelius) Date: Tue Dec 2 02:24:34 2003 Subject: Hilarious feelings, browsing success :) Message-ID: Wow, this is something I have looked forward to: At home; a Win98 box behind a masquerading linux. The masq-machine is running samba pre2.0.0 PDC and I am logged in on it from the Win98 box, using its resources like a maniac. At school: In a different subnet than the modem pool a Samba 2.0.0 PDC. I have the same logins and the same password on both PDC's. On the win98 client I run Start->Find->Computer and type in the netbios name of the PDC at school. An vola, I get to use my home-dir and printer and all, even without typing any passwords! From behind a masquerading machine, and over a modem!! This is like in heaven. Thank you all in the samba team! Q: Is this the 'goodness' of win98's browsing capabilites? We are now considering migrating from Novell to Samba (300 users)... At last we can have a network where users have *one* login and *one* password. (The PDC at school is also a NIS/NFS server) The only problem left is: How do I get passwords synced reliably? I haven't go this working yet. Seems like smbd doesn't like my version of yppasswd. Oh well. I could also write a small passwd program that does the same as smbpasswd (namely: 'smbpasswd user PaSwOrD' :) Thanks a lot, seeing forward to future releases that can act as even stronger glue between different network arcs... =========================================================== Harald H Hannelius | harald@sit.fi | GSM +358405470870 Mauritzgatan 14D41 | www.iki.fi/~harald | Pho +35892783568 00170 HKI FINLAND | harald@iki.fi | Fax +35892783568 =========================================================== From cartegw at Eng.Auburn.EDU Tue Oct 13 21:02:26 1998 From: cartegw at Eng.Auburn.EDU (Gerald W. Carter) Date: Tue Dec 2 02:24:34 2003 Subject: Hilarious feelings, browsing success :) In-Reply-To: Message-ID: On Wed, 14 Oct 1998, Harald H Hannelius wrote: > Q: Is this the 'goodness' of win98's browsing capabilites? I havw noticed that the workgroup browsing does seem to work a little better in Win98. The domain master browser location stuff is generally (slightly) more reliable. Haven't looked into specifics though. > We are now considering migrating from Novell to Samba (300 users)... Yeah! :) > How do I get passwords synced reliably? I haven't go this working Have you trie dthe "Unix sync option" or something like. If you Samba on your NIS master it should enable you to use the password program and password chat para,eters in smb.conf to get Samba to change the NIS passwd at the same time that it changes the smbpasswd file. This only works for Win95 at the moment. NT user password changes are not quite ready yet. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From amol at memcad.com Tue Oct 13 22:37:26 1998 From: amol at memcad.com (Amol Karnik) Date: Tue Dec 2 02:24:34 2003 Subject: help please! cant login from NT onto samba domain Message-ID: <3623D626.E85E6041@memcad.com> hi all, sorry for being such a pain... but i've almost got things working now...except for damn NT. i'm using the cvs code from last week and logins from 95 and 98 work perfect. i just got new NT machines in, and they refused to join the samba domain with the security=server option. i had to change that to security=user. i add an entry for my NT box in /etc/passwd on the samba server. did a smbpasswd -a -m machinename$ machine and it generated an entry in the smbpasswd file. now when i try to login to the domain from the NT machine as myself or any other user, it says "the system cannot log you on to the domain because the systems computer account in the primary domain is missing or the password of this account is incorrect" now, i can log in with my username from an 95 or 98 box. the samba server runs on a solaris2.5.1 machine. samba is setup to be the WINS server as well. I do not have any NT server in the network at all. i have "encrypt passwords = yes". i noticed from the NTDOM faq that the subnet mask might be different, which lead to this error. but both machines 255.255.255.0 as the subnet mask. the log.nmb file does however says something which strikes me as incorrect, when i start nmbd "Attempting to become domain master browser on workgroup SAMBA on subnet 192.168.1.4" 192.168.1.4 is the IP of the samba server. why does it think the subnet is 192.168.1.4 and not 192.168.1 ?? i dont have any subnets in the network at all. now, i can login locally as admin and browse over to the samba server via network neighbourhood and see the shares. i can also map a network drive from the samba server. It then asks me for a username and passwd. So that authentication is working. its just the initial login. any ideas anyone please? the following is an excerpt from the log.machinename file [1998/10/13 18:20:33, 1] smbd/ipc.c:(3250) api_fd_reply: INVALID PIPE HANDLE: 700f [1998/10/13 18:20:33, 1] smbd/ipc.c:(3250) api_fd_reply: INVALID PIPE HANDLE: 7004 [1998/10/13 18:20:42, 1] smbd/ipc.c:(3250) api_fd_reply: INVALID PIPE HANDLE: 700f [1998/10/13 18:20:42, 1] smbd/ipc.c:(3250) api_fd_reply: INVALID PIPE HANDLE: 700d [1998/10/13 18:25:02, 1] smbd/ipc.c:(3250) api_fd_reply: INVALID PIPE HANDLE: 7001 [1998/10/13 18:25:03, 1] smbd/ipc.c:(3250) api_fd_reply: INVALID PIPE HANDLE: 7001 thanks in advance for your time. when i get it all working, i'll send in a detailed summary on how to get this working, for all others who've had problems. - amol From jerry at Eng.Auburn.EDU Tue Oct 13 23:26:15 1998 From: jerry at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:34 2003 Subject: help please! cant login from NT onto samba domain In-Reply-To: <3623D626.E85E6041@memcad.com> Message-ID: <3.0.5.32.19981013182615.0090f850@pophost.eng.auburn.edu> At 08:43 AM 10/14/98 +1000, Amol Karnik wrote: >did a smbpasswd -a -m machinename$ machine should jusy be smbpasswd -a -m machinename >"Attempting to become domain master browser on workgroup SAMBA on subnet >192.168.1.4" >192.168.1.4 is the IP of the samba server. This is normal. Hope this helps, j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From D.Bannon at latrobe.edu.au Wed Oct 14 00:21:58 1998 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:24:34 2003 Subject: Encryption Problem In-Reply-To: References: <1E3CD9E2453ED211A85C080009DCA6690A15B3@RYOBI4> Message-ID: <3.0.3.32.19981014102158.00750c88@bioserve.biochem.latrobe.edu.au> At 11:35 PM 13/10/1998 +1000, James Thompson wrote: >I too cannot connect to my samba PDC from the NT logon after updating to >Monday mornings CVS code ... I have a similar problem. Note that when I reverted to previous version, the previous version could no longer write what it needed to smbpasswd. While trying to get the new version running I had set both user and machine passwords. I suspect that the smbpasswd format has changed ??? This could spell real problems for someone in a production situation ! The only way to get going with 'old' version (earlier this month) was to delete my smbpasswd file and create a new one. I'll try and confirm that latter today (time ???) but people should be carefull about cvs'ing. Maybe backup ~/private/smbpasswd first ?? >.. (Previous CVS code worked during logins but would >not let me create files.) I get the error about computer not being part >of the domain or the password being incorrect. I had used the command > >smbpasswd -a -m machinename > ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From pfrazao at ualg.pt Wed Oct 14 09:56:27 1998 From: pfrazao at ualg.pt (Pedro Miguel =?ISO-8859-1?Q?Fraz=E3o?= F. Ferreira) Date: Tue Dec 2 02:24:34 2003 Subject: help please! cant login from NT onto samba domain References: <3.0.5.32.19981013182615.0090f850@pophost.eng.auburn.edu> Message-ID: <3624754B.B6256850@ualg.pt> Gerald Carter wrote: > > At 08:43 AM 10/14/98 +1000, Amol Karnik wrote: > > >did a smbpasswd -a -m machinename$ machine > > should jusy be smbpasswd -a -m machinename And (please correct me if I am wrong) I think there is the need for an account in the Unix passwd file with the name of the MACHINE$. > > >"Attempting to become domain master browser on workgroup SAMBA on subnet > >192.168.1.4" > >192.168.1.4 is the IP of the samba server. > > This is normal. > > Hope this helps, > j- > ________________________________________________________________________ > Gerald ( Jerry ) Carter > Engineering Network Services Auburn University > jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw > > "...a hundred billion castaways looking for a home." > - Sting "Message in a Bottle" ( 1979 ) Pedro From Simon.Levitt at uk.worldpay.com Wed Oct 14 13:44:17 1998 From: Simon.Levitt at uk.worldpay.com (Simon Levitt) Date: Tue Dec 2 02:24:34 2003 Subject: Samba PDC Login Problems (Located) Message-ID: <199810141344.OAA18287@mail.cam.uk.worldpay.com> Hiya, We're tracking the CVS development of Samba, and have hit the Domain login failures on versions for about a week now (We're using Samba as our PDC). Today I decided to investigate the problem further and have found some things which may not be the whole problem, but are definately a significant factor. The problem is only with Interactive Logins - Normal share mounts are fine. The problem I've found is rooted around the change in libsmb/smbdes.c from revision 1.16 to 1.17 when the length of the Hash produced when val == False reduced from 16 to 8 in SamOEMHash(). SamOEMHash() is used in rpc_server/srv_netlog.c:net_login_interactive() which assumes it is producing 16 byte values (as the function used to when passed False) and comparing the hash with the stored one (in whatever form!). This is now failing (although the first 8 bytes are matching) and thus returning STATUS_WRONG_PASSWORD the login. Cheers, Simon., BTW. I'm I just reading SamOEMHash() completely wrong or do the last two for loops have the potential to completely blow the bounds of s_box[]? ----------------------------------------------------------------------- Simon Levitt, Consultant/Software Engineer @ WorldPay Ltd., Orwell House, Cowley Road, Cambridge, CB4 4WY, ENGLAND. Simon.Levitt@uk.worldpay.com Ph:+44(0)1223 715151 F:+44(0)1223 715157 ----------------------- http://www.worldpay.com/ ---------------------- From amol at memcad.com Wed Oct 14 15:02:11 1998 From: amol at memcad.com (Amol Karnik) Date: Tue Dec 2 02:24:34 2003 Subject: help please! cant login from NT onto samba domain References: <3.0.5.32.19981013182615.0090f850@pophost.eng.auburn.edu> Message-ID: <3624BCF3.7A2EAF6F@memcad.com> well question 2.3 from the NTDOM FAQ says that there should be a password after, with the password being the machine name in lowercase. my problem is similar to what question2.4 asks, but the faq doesnt actually answer the question at all. anyways, i've tried all combinations, and nothing seems to work. i tried all the suggestions to the replies that i got, but its still the same. the machine joins the SAMBA domain, but wont let anyone log in. You can still browse and connect to samba, if you login locally. i noticed this message on the log.machine file, when i changed the machine to join the SAMBA domain : [1998/10/14 10:39:18, 4] smbd/password.c:(401) Checking SMB password for user boss$ [1998/10/14 10:39:18, 4] smbd/password.c:(407) smb_password_ok: Checking NT MD4 password [1998/10/14 10:39:18, 4] smbd/password.c:(411) NT MD4 password check succeeded [1998/10/14 10:39:18, 4] smbd/reply.c:(439) session_trust_account: Wksta trust account BOSS$ denied by server [1998/10/14 10:39:18, 3] smbd/error.c:(127) 32 bit error packet at line 441 cmd=115 (SMBsesssetupX) eclass=c0000199 [Error: Unknown error (153 ,49152)] whats the "Wksta trust account BOSS$ denied by server" mean? do i have some settings wrong? i also tried the hack to the registry as described in WinNT.txt to enable plain text passwords. as you can see, i'm at a really big dead end here. any, any, help will be appreciated. i'm attaching the output of the testparm command, if its of any use. - amol Gerald Carter wrote: > > At 08:43 AM 10/14/98 +1000, Amol Karnik wrote: > > >did a smbpasswd -a -m machinename$ machine > > should jusy be smbpasswd -a -m machinename > > >"Attempting to become domain master browser on workgroup SAMBA on subnet > >192.168.1.4" > >192.168.1.4 is the IP of the samba server. > > This is normal. > > Hope this helps, > j- > ________________________________________________________________________ > Gerald ( Jerry ) Carter > Engineering Network Services Auburn University > jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw > > "...a hundred billion castaways looking for a home." > - Sting "Message in a Bottle" ( 1979 ) -- ----------------------------------------------------- Amol Karnik Senior Development Engineer amol@memcad.com Microcosm Technologies, Inc. (617) 225-0094 x248 215 First St., Suite #2D (617) 621-7838 FAX Cambridge MA, 02142 http://www.memcad.com ----------------------------------------------------- -------------- next part -------------- Load smb config files from /usr/local/samba/lib/smb.conf Processing section "[homes]" Processing section "[netlogon]" Processing section "[printers]" Processing section "[tmp]" Processing section "[webserver]" Loaded services file OK. WARNING: You have some share names that are longer than 8 chars These may give errors while browsing or may not be accessible to some older clients Press enter to see a dump of your service definitions # Global parameters workgroup = SAMBA netbios name = netbios aliases = server string = Samba Server interfaces = bind interfaces only = No security = USER encrypt passwords = Yes update encrypted = No use rhosts = No null passwords = No password server = blue smb passwd file = /usr/local/samba/private/smbpasswd hosts equiv = root directory = / passwd program = /usr/local/samba/bin/smbpasswd passwd chat = *old*password* %o\n *new*password* %n\n *new*password* %n\n *changed* passwd chat debug = No username map = password level = 0 username level = 0 unix password sync = No log level = 2 syslog = 1 syslog only = No log file = /usr/local/samba/var/log.%m max log size = 50 timestamp logs = Yes protocol = NT1 read bmpx = Yes read raw = Yes write raw = Yes networkstation user login = No nt smb support = Yes announce version = 4.2 announce as = NT max mux = 50 max xmit = 65535 name resolve order = lmhosts host wins bcast max packet = 65535 max ttl = 259200 max wins ttl = 518400 min wins ttl = 21600 time server = No change notify timeout = 60 deadtime = 0 getwd cache = Yes keepalive = 300 lpq cache time = 10 max disk size = 0 max open files = 10000 read prediction = No read size = 16384 shared mem size = 1048576 socket options = TCP_NODELAY stat cache size = 50 load printers = Yes printcap name = lpstat printer driver file = /usr/local/samba/lib/printers.def strip dot = No character set = mangled stack = 50 coding system = client code page = 850 stat cache = Yes domain sid = domain groups = domain controller = No domain admin group = domain guest group = domain admin users = domain guest users = machine password timeout = 604800 logon script = logon path = \\%N\%U\profile logon drive = logon home = \\%N\%U domain logons = Yes os level = 0 lm announce = Auto lm interval = 60 preferred master = Yes local master = Yes domain master = Yes browse list = Yes dns proxy = Yes wins proxy = Yes wins server = wins support = Yes kernel oplocks = Yes ole locking compatibility = Yes smbrun = /usr/local/samba/bin/smbrun config file = preload = lock dir = /usr/local/samba/var/locks default service = message command = dfree command = valid chars = remote announce = remote browse sync = socket address = 0.0.0.0 homedir map = time offset = 0 unix realname = No NIS homedir = No panic action = comment = path = alternate permissions = No revalidate = No username = guest account = nobody invalid users = valid users = admin users = read list = write list = force user = force group = read only = Yes create mask = 0744 force create mode = 00 directory mask = 0755 force directory mode = 00 guest only = No guest ok = No only user = No hosts allow = hosts deny = status = Yes max connections = 0 min print space = 0 strict sync = No sync always = No print ok = No postscript = No printing = sysv print command = lp -c -d%p %s; rm %s lpq command = lpstat -o%p lprm command = cancel %p-%j lppause command = lp -i %p-%j -H hold lpresume command = lp -i %p-%j -H resume queuepause command = lpc stop %p queueresume command = lpc start %p printer name = printer driver = NULL printer driver location = default case = lower case sensitive = No preserve case = Yes short preserve case = Yes mangle case = No mangling char = ~ hide dot files = Yes delete veto files = No veto files = hide files = veto oplock files = map system = No map hidden = No map archive = Yes mangled names = Yes mangled map = browseable = Yes blocking locks = Yes fake oplocks = No locking = Yes oplocks = Yes strict locking = No share modes = Yes copy = include = exec = postexec = root preexec = root postexec = available = Yes volume = fstype = NTFS set directory = No wide links = Yes follow symlinks = Yes dont descend = magic script = magic output = delete readonly = No dos filetimes = No dos filetime resolution = No fake directory create times = No [homes] comment = Home Directories read only = No browseable = No [netlogon] comment = Network Logon Service path = /usr/local/samba/lib/netlogon guest ok = Yes share modes = No [printers] comment = All Printers path = /usr/spool/samba print ok = Yes browseable = No [tmp] comment = Temporary file space path = /tmp read only = No guest ok = Yes [webserver] comment = Webserver Stuff path = /var/www/httpd/htdocs/info write list = @users read only = No guest ok = Yes From cartegw at Eng.Auburn.EDU Wed Oct 14 15:20:25 1998 From: cartegw at Eng.Auburn.EDU (Gerald W. Carter) Date: Tue Dec 2 02:24:34 2003 Subject: help please! cant login from NT onto samba domain In-Reply-To: <3624754B.B6256850@ualg.pt> Message-ID: On Wed, 14 Oct 1998, Pedro Miguel [ISO-8859-1] Frazão F. Ferreira wrote: > > >did a smbpasswd -a -m machinename$ machine > > > > should jusy be smbpasswd -a -m machinename > > And (please correct me if I am wrong) I think there is the need for an > account in the Unix passwd file with the name of the MACHINE$. You are correct. When you add the machine using smbpasswd though, the '$' character is implied by the -m flag. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From cartegw at Eng.Auburn.EDU Wed Oct 14 15:29:59 1998 From: cartegw at Eng.Auburn.EDU (Gerald W. Carter) Date: Tue Dec 2 02:24:34 2003 Subject: help please! cant login from NT onto samba domain In-Reply-To: <3624BCF3.7A2EAF6F@memcad.com> Message-ID: On Wed, 14 Oct 1998, Amol Karnik wrote: > well question 2.3 from the NTDOM FAQ says that there should be a > password after, with the password being the machine name in lowercase. Correct, but Q2.2 describes how to add the machines account. the -m flag in smbpasswd will append a '$' character to the name and set the initial passwd to "machine_name" for you. > whats the "Wksta trust account BOSS$ denied by server" mean? The Workstation truct account is basically a user account for the machine. It's how the machine 'logs in to the domain" so that user's can log in. There have been some more posts on this problem. We'll try to work something out soon. However, most of the team is in San Jose at a interop conference at the moment. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From dkrovich at wvu.edu Wed Oct 14 15:30:55 1998 From: dkrovich at wvu.edu (David Krovich) Date: Tue Dec 2 02:24:34 2003 Subject: PDC/BDC Questions Message-ID: Is there a way to take a PDC (Windows NT) and make it become a member server in a different NT-Domain without re-installing? We currently have an NT Server running, and I want to make it a part of Domain managed by a Samba Server acting as a PDC. I still want the NT Server to be a member of the new domain, because I still want to use some sortware thats intalled on the machine, as well as use it for doing things like Print Serving, WINS, etc. I'd really rather not do a re-install if I can avoid it. It would also be neat to do things this way, because all of my NT account information would still exist on the current NT Server, and if I'm reading things correctly, people could still athenticate directly to the NT Server, similar to the way people would authenticate to the local resources of a NT Workstation that exists in a Domain. Any tips? From jamest at math.ksu.edu Wed Oct 14 15:53:25 1998 From: jamest at math.ksu.edu (James Thompson) Date: Tue Dec 2 02:24:34 2003 Subject: Samba PDC Login Problems (Located) In-Reply-To: <199810141344.OAA18287@mail.cam.uk.worldpay.com> Message-ID: On Wed, 14 Oct 1998, Simon Levitt wrote: > > The problem I've found is rooted around the change in libsmb/smbdes.c > from revision 1.16 to 1.17 when the length of the Hash produced when > val == False reduced from 16 to 8 in SamOEMHash(). > Thanks! I changed the false case back to 16 and PDC logons are working fine. Didn't look for other effects to the code cause I'm not "live" yet with the server and can afford to play. ->->->->->->->->->->->->->->->->->->---<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-< James Thompson 138 Cardwell Hall Manhattan, Ks 66506 785-532-0561 Kansas State University Department of Mathematics ->->->->->->->->->->->->->->->->->->---<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-< From rob.naccarato at sheridanc.on.ca Wed Oct 14 18:22:53 1998 From: rob.naccarato at sheridanc.on.ca (Rob Naccarato) Date: Tue Dec 2 02:24:34 2003 Subject: No subject Message-ID: subscribe Rob Naccarato "Civilized men are more discourteous than savages Sys Admin because they know they can be impolite without Sheridan College having their skulls split, as a general thing." Oakville, Ont. Canada - Robert E. Howard From matthew at janus.law.usyd.edu.au Wed Oct 14 20:49:05 1998 From: matthew at janus.law.usyd.edu.au (Matthew Geier) Date: Tue Dec 2 02:24:34 2003 Subject: Samba PDC Login Problems (Located) In-Reply-To: <199810141344.OAA18287@mail.cam.uk.worldpay.com> from "Simon Levitt" at Oct 14, 98 11:50:46 pm Message-ID: <199810142049.GAA17495@janus.law.usyd.edu.au> > We're tracking the CVS development of Samba, and have hit the Domain > login failures on versions for about a week now (We're using Samba as > our PDC). Ive found the same problem. WinNT cant login, although Win95 and connecting to shares still work fine. From D.Bannon at latrobe.edu.au Thu Oct 15 00:03:21 1998 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:24:34 2003 Subject: Samba PDC Login Problems (Located) In-Reply-To: <199810142049.GAA17495@janus.law.usyd.edu.au> References: <199810141344.OAA18287@mail.cam.uk.worldpay.com> Message-ID: <3.0.3.32.19981015100321.0074a1dc@bioserve.biochem.latrobe.edu.au> At 10:00 AM 15/10/1998 +1000, Matthew Geier wrote: > .... WinNT cant login, although Win95 and connecting >to shares still work fine. > I just tried Simon.Levitt suggested solution and it seems (superficially) to work. Well worth trying. David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From eric at dt06q2n53.nycap.rr.com Thu Oct 15 05:02:38 1998 From: eric at dt06q2n53.nycap.rr.com (Eric Warnke) Date: Tue Dec 2 02:24:34 2003 Subject: FYI: cvs under redhat possible security concern... Message-ID: I was just doing a security audit of my redhat system when something unusual caught my eye. When I cvs checkout samba all the files are created world writable, and since these files are later run by root, it would not be difficult for a malisious user to slip in a trojan horse into the source. Mabye this is just a simple cvs quiestion or a rehdat peculariaty, but this could affect alot of sites. Any ideas on how to fix this, and I'm not talking chmod -R o-rw * Eric Warnke Sys Admin, ResNet University at Albany, NY eric@snowmoon.com / ericw@albany.edu From lkcl at switchboard.net Thu Oct 15 06:49:07 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:34 2003 Subject: FYI: cvs under redhat possible security concern... In-Reply-To: Message-ID: eric, check that your umask on your _local_ machine isn't set to something like 066: cvs (1.10) uses your umask to set permissions. luke On Thu, 15 Oct 1998, Eric Warnke wrote: > > I was just doing a security audit of my redhat system when something > unusual caught my eye. When I cvs checkout samba all the files are > created world writable, and since these files are later run by root, it > would not be difficult for a malisious user to slip in a trojan horse > into the source. Mabye this is just a simple cvs quiestion or a rehdat > peculariaty, but this could affect alot of sites. > > Any ideas on how to fix this, and I'm not talking chmod -R o-rw * > > Eric Warnke > Sys Admin, ResNet > University at Albany, NY > eric@snowmoon.com / ericw@albany.edu > > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From eric at dt06q2n53.nycap.rr.com Thu Oct 15 13:11:29 1998 From: eric at dt06q2n53.nycap.rr.com (Eric Warnke) Date: Tue Dec 2 02:24:34 2003 Subject: FYI: cvs under redhat possible security concern... In-Reply-To: Message-ID: cvs version 1.9 ( stock rh5.1 u/all updates ) My umask is 022 -> -rw-r--r-- all samba files are -rw-rw-rw- directories drwxr-xr-x > eric, > > check that your umask on your _local_ machine isn't set to something like > 066: cvs (1.10) uses your umask to set permissions. > > luke From jamest at math.ksu.edu Thu Oct 15 18:34:11 1998 From: jamest at math.ksu.edu (James Thompson) Date: Tue Dec 2 02:24:34 2003 Subject: Can't access user settings Message-ID: CVS code from this morning running on Solaris 2.6 I am able to log my Nt4 Workstation into the domain, the profile directory is created if it doesn't exist, passwords work fine, I/O works fine. The problem..... As a user I can create desktop icons, start menu icons just fine and can see them in my profile directory on the samba server. But it will not save changes such as color schemes which I asssumed would be part of my profile. (I'm new with Nt4 & Roving Profiles) Also, whenever I run the telnet client from the run command on the start menu I get a dialog Can't Access User Settings After I press OK I can use telnet. When I close the telnet window I get the same dialog. Other programs (ping, edit) run fine. I've noticed that the history on the start->run menu button never has items added to it. Neither does start->documents. I assumed that these were part of the profile as well. I didn't notice any registry changes that are required in the docs. But I'm now assuming that something is attempting to be stored locally for a user that does not exist on the workstation only on the network. Does anyone have any idea where I've misconfigured the system. Also, I keep reading about a NTconfig.POL file and that I must create it with the policy editor from NT server. I don't have access to NT server media, and couldn't find it on Microsofts web site. Where can I get it and docs on policies? TIA ->->->->->->->->->->->->->->->->->->---<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-< James Thompson 138 Cardwell Hall Manhattan, Ks 66506 785-532-0561 Kansas State University Department of Mathematics ->->->->->->->->->->->->->->->->->->---<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-< From ivey at realminfo.com Thu Oct 15 18:55:58 1998 From: ivey at realminfo.com (Michael D. Ivey) Date: Tue Dec 2 02:24:34 2003 Subject: Winframe/terminalserver woes, still Message-ID: <19981015145558.A17650@bagheera.realminfo.com> Ok, I'm running "old code" from CVS over a week ago, and cannot get WinFrame or Terminal Server to log in to the domain. NT Server, 95, etc, can all get in fine, just not the WF/TS boxes. The login on console will cause a hang on WF, a dump on TS. Remote logins hang via WF client, and just disconnect with TS client. The TS box gets the following error in Event Viewer: RDR: The redirector recieved an SMB that was too short Here's a 'tcpdump -s 512 -x -vv' of the process: iago is the client alice is the samba server, running tcpdump .139 is the Terminal Server box i don't know how much of this is really needed...sorry for the hex spam. any suggestions? should i try the updated CVS code, including the libsmb/smbdes.c fix? thanks... /mdi >>>>>>>>> 14:45:34.457584 arp who-has 208.205.6.139 tell iago.realminfo.com 0001 0800 0604 0001 00a0 c95d 5af9 d0cd 06a0 0000 0000 0000 d0cd 068b 0000 0000 0000 0000 0000 0000 0000 0000 0000 14:45:49.917584 arp who-has alice.realminfo.com tell 208.205.6.139 0001 0800 0604 0001 00a0 c926 7b4a d0cd 068b 0000 0000 0000 d0cd 0689 0000 0000 0000 0000 0000 0000 0000 0000 0000 14:45:49.917584 arp reply alice.realminfo.com is-at 0:c0:f0:31:29:b1 0001 0800 0604 0002 00c0 f031 29b1 d0cd 0689 00a0 c926 7b4a d0cd 068b 14:45:49.917584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 1386109:1386204(95) ack 471981814 win 8025 (DF) (ttl 128, id 36612) 4500 0087 8f04 4000 8006 bcbd d0cd 068b d0cd 0689 040a 008b 0015 267d 1c21 def6 5018 1f59 91d5 0000 0000 005b ff53 4d42 a200 0000 0018 0300 6680 0000 0000 0000 0000 0000 0100 2005 6400 4013 18ff 0000 0000 0700 0600 0000 0000 0000 9f01 0200 0000 0000 0000 0000 0000 0000 0300 0000 0100 0000 0000 0000 0200 0000 0008 005c 6c73 6172 7063 00 14:45:49.917584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 1:108(107) ack 95 win 32736 (DF) (ttl 64, id 31941) 4500 0093 7cc5 4000 4006 0ef1 d0cd 0689 d0cd 068b 008b 040a 1c21 def6 0015 26dc 5018 7fe0 ed1f 0000 0000 0067 ff53 4d42 a200 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 2005 6400 4013 22ff 0000 0000 1270 0100 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 8000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0200 ff05 0000 00 14:45:49.917584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 95:247(152) ack 108 win 7918 (DF) (ttl 128, id 36868) 4500 00c0 9004 4000 8006 bb84 d0cd 068b d0cd 0689 040a 008b 0015 26dc 1c21 df61 5018 1eee 2c19 0000 0000 0094 ff53 4d42 2500 0000 0018 0300 6680 0000 0000 0000 0000 0000 0100 2005 6400 8013 1000 0048 0000 0000 0400 0000 0000 0000 0000 0000 004c 0048 004c 0002 0026 0012 7051 005c 5049 5045 5c00 0000 0500 0b00 1000 0000 4800 0000 5000 4500 3016 3016 0000 0000 0100 0000 0000 0100 7857 3412 3412 cdab ef00 0123 4567 89ab 0000 0000 045d 888a eb1c c911 9fe8 0800 2b10 4860 0200 0000 14:45:49.917584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 108:236(128) ack 247 win 32736 (DF) (ttl 64, id 31942) 4500 00a8 7cc6 4000 4006 0edb d0cd 0689 d0cd 068b 008b 040a 1c21 df61 0015 2774 5018 7fe0 e3a7 0000 0000 007c ff53 4d42 2500 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 2005 6400 8013 0a00 0044 0000 0000 0038 0000 0044 0038 0000 0000 0045 0000 0500 0c03 1000 0000 4400 0000 5000 4500 3016 3016 0000 0000 0c00 5c50 4950 455c 6c73 6173 7300 0000 0100 0000 0000 0000 045d 888a eb1c c911 9fe8 0800 2b10 4860 0200 0000 14:45:49.917584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 247:411(164) ack 236 win 7790 (DF) (ttl 128, id 37124) 4500 00cc 9104 4000 8006 ba78 d0cd 068b d0cd 0689 040a 008b 0015 2774 1c21 dfe1 5018 1e6e 5027 0000 0000 00a0 ff53 4d42 2500 0000 0018 0300 6680 0000 0000 0000 0000 0000 0100 2005 6400 c013 1000 0054 0000 0000 0400 0000 0000 0000 0000 0000 004c 0054 004c 0002 0026 0012 705d 005c 5049 5045 5c00 0000 0500 0003 1000 0000 5400 0000 0100 0000 3c00 0000 0000 2c00 a012 1500 0800 0000 0000 0000 0800 0000 5c00 5c00 4100 4c00 4900 4300 4500 0000 1800 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0100 0000 14:45:49.917584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 236:344(108) ack 411 win 32736 (DF) (ttl 64, id 31943) 4500 0094 7cc7 4000 4006 0eee d0cd 0689 d0cd 068b 008b 040a 1c21 dfe1 0015 2818 5018 7fe0 dc07 0000 0000 0068 ff53 4d42 2500 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 2005 6400 c013 0a00 0030 0000 0000 0038 0000 0030 0038 0000 0000 0031 0000 0500 0203 1000 0000 3000 0000 0100 0000 1800 0000 0000 0000 0000 0000 0405 0607 0809 0a0b 0c0d 0e0f 1011 1213 0000 0000 14:45:49.917584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 411:537(126) ack 344 win 7682 (DF) (ttl 128, id 37380) 4500 00a6 9204 4000 8006 b99e d0cd 068b d0cd 0689 040a 008b 0015 2818 1c21 e04d 5018 1e02 18f6 0000 0000 007a ff53 4d42 2500 0000 0018 0300 6680 0000 0000 0000 0000 0000 0100 2005 6400 0014 1000 002e 0000 0000 0400 0000 0000 0000 0000 0000 004c 002e 004c 0002 0026 0012 7037 005c 5049 5045 5c00 0000 0500 0003 1000 0000 2e00 0000 0200 0000 1600 0000 0000 0700 0000 0000 0405 0607 0809 0a0b 0c0d 0e0f 1011 1213 0300 14:45:49.917584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 344:504(160) ack 537 win 32736 (DF) (ttl 64, id 31944) 4500 00c8 7cc8 4000 4006 0eb9 d0cd 0689 d0cd 068b 008b 040a 1c21 e04d 0015 2896 5018 7fe0 85fd 0000 0000 009c ff53 4d42 2500 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 2005 6400 0014 0a00 0064 0000 0000 0038 0000 0064 0038 0000 0000 0065 0000 0500 0203 1000 0000 6400 0000 0200 0000 4c00 0000 0000 0000 0000 0022 0300 0000 0a00 0a00 0400 0000 0200 0000 0600 0000 0000 0000 0600 0000 5200 4500 4100 4c00 4d00 0000 0400 0000 0104 0000 0000 0005 1500 0000 f30f ce71 99ae b77c 1b98 210a 0000 0000 14:45:49.917584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 537:663(126) ack 504 win 7522 (DF) (ttl 128, id 37636) 4500 00a6 9304 4000 8006 b89e d0cd 068b d0cd 0689 040a 008b 0015 2896 1c21 e0ed 5018 1d62 d577 0000 0000 007a ff53 4d42 2500 0000 0018 0300 6680 0000 0000 0000 0000 0000 0100 2005 6400 4014 1000 002e 0000 0000 0400 0000 0000 0000 0000 0000 004c 002e 004c 0002 0026 0012 7037 005c 5049 5045 5c00 0000 0500 0003 1000 0000 2e00 0000 0300 0000 1600 0000 0000 0700 0000 0000 0405 0607 0809 0a0b 0c0d 0e0f 1011 1213 0500 14:45:49.927584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 504:664(160) ack 663 win 32736 (DF) (ttl 64, id 31945) 4500 00c8 7cc9 4000 4006 0eb8 d0cd 0689 d0cd 068b 008b 040a 1c21 e0ed 0015 2914 5018 7fe0 41df 0000 0000 009c ff53 4d42 2500 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 2005 6400 4014 0a00 0064 0000 0000 0038 0000 0064 0038 0000 0000 0065 0000 0500 0203 1000 0000 6400 0000 0300 0000 4c00 0000 0000 0000 0000 0022 0500 0000 0a00 0a00 0400 0000 0200 0000 0600 0000 0000 0000 0600 0000 5200 4500 4100 4c00 4d00 0000 0400 0000 0104 0000 0000 0005 1500 0000 f30f ce71 99ae b77c 1b98 210a 0000 0000 14:45:49.927584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 663:787(124) ack 664 win 7362 (DF) (ttl 128, id 37892) 4500 00a4 9404 4000 8006 b7a0 d0cd 068b d0cd 0689 040a 008b 0015 2914 1c21 e18d 5018 1cc2 a403 0000 0000 0078 ff53 4d42 2500 0000 0018 0300 6680 0000 0000 0000 0000 0000 0100 2005 6400 8014 1000 002c 0000 0000 0400 0000 0000 0000 0000 0000 004c 002c 004c 0002 0026 0012 7035 005c 5049 5045 5c00 0000 0500 0003 1000 0000 2c00 0000 0400 0000 1400 0000 0000 0000 0000 0000 0405 0607 0809 0a0b 0c0d 0e0f 1011 1213 14:45:49.927584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 664:772(108) ack 787 win 32736 (DF) (ttl 64, id 31947) 4500 0094 7ccb 4000 4006 0eea d0cd 0689 d0cd 068b 008b 040a 1c21 e18d 0015 2990 5018 7fe0 6e43 0000 0000 0068 ff53 4d42 2500 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 2005 6400 8014 0a00 0030 0000 0000 0038 0000 0030 0038 0000 0000 0031 0000 0500 0203 1000 0000 3000 0000 0400 0000 1800 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 14:45:49.927584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 787:833(46) ack 772 win 8760 (DF) (ttl 128, id 38148) 4500 0056 9504 4000 8006 b6ee d0cd 068b d0cd 0689 040a 008b 0015 2990 1c21 e1f9 5018 2238 c75f 0000 0000 002a ff53 4d42 0400 0000 0018 0300 0000 0000 0000 0000 0000 0000 0100 feca 6400 c014 0312 70ff ffff ff00 0038 14:45:49.927584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 772:811(39) ack 833 win 32736 (DF) (ttl 64, id 31948) 4500 004f 7ccc 4000 4006 0f2e d0cd 0689 d0cd 068b 008b 040a 1c21 e1f9 0015 29be 5018 7fe0 de71 0000 0000 0023 ff53 4d42 0400 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 feca 6400 c014 0000 00 14:45:49.927584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 833:928(95) ack 811 win 8721 (DF) (ttl 128, id 38404) 4500 0087 9604 4000 8006 b5bd d0cd 068b d0cd 0689 040a 008b 0015 29be 1c21 e220 5018 2211 1caf 0000 0000 005b ff53 4d42 a200 0000 0018 0300 5280 0000 0000 0000 0000 0000 0100 e006 6400 0015 18ff 0000 0000 0700 0600 0000 0000 0000 9f01 0200 0000 0000 0000 0000 0000 0000 0300 0000 0100 0000 0000 0000 0200 0000 0008 005c 6c73 6172 7063 00 14:45:49.937584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 811:918(107) ack 928 win 32736 (DF) (ttl 64, id 31949) 4500 0093 7ccd 4000 4006 0ee9 d0cd 0689 d0cd 068b 008b 040a 1c21 e220 0015 2a1d 5018 7fe0 65b1 0000 0000 0067 ff53 4d42 a200 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 e006 6400 0015 22ff 0000 0000 1370 0100 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 8000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0200 ff05 0000 00 14:45:49.937584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 928:1080(152) ack 918 win 8614 (DF) (ttl 128, id 38660) 4500 00c0 9704 4000 8006 b484 d0cd 068b d0cd 0689 040a 008b 0015 2a1d 1c21 e28b 5018 21a6 4af2 0000 0000 0094 ff53 4d42 2500 0000 0018 0300 5280 0000 0000 0000 0000 0000 0100 e006 6400 4015 1000 0048 0000 0000 0400 0000 0000 0000 0000 0000 004c 0048 004c 0002 0026 0013 7051 005c 5049 5045 5c00 0000 0500 0b00 1000 0000 4800 0000 0100 0000 3016 3016 0000 0000 0100 0000 0000 0100 7857 3412 3412 cdab ef00 0123 4567 89ab 0000 0000 045d 888a eb1c c911 9fe8 0800 2b10 4860 0200 0000 14:45:49.937584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 918:1046(128) ack 1080 win 32736 (DF) (ttl 64, id 31950) 4500 00a8 7cce 4000 4006 0ed3 d0cd 0689 d0cd 068b 008b 040a 1c21 e28b 0015 2ab5 5018 7fe0 f139 0000 0000 007c ff53 4d42 2500 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 e006 6400 4015 0a00 0044 0000 0000 0038 0000 0044 0038 0000 0000 0045 0000 0500 0c03 1000 0000 4400 0000 0100 0000 3016 3016 0000 0000 0c00 5c50 4950 455c 6c73 6173 7300 0000 0100 0000 0000 0000 045d 888a eb1c c911 9fe8 0800 2b10 4860 0200 0000 14:45:49.937584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 1080:1244(164) ack 1046 win 8486 (DF) (ttl 128, id 38916) 4500 00cc 9804 4000 8006 b378 d0cd 068b d0cd 0689 040a 008b 0015 2ab5 1c21 e30b 5018 2126 c399 0000 0000 00a0 ff53 4d42 2500 0000 0018 0300 5280 0000 0000 0000 0000 0000 0100 e006 6400 8015 1000 0054 0000 0000 0400 0000 0000 0000 0000 0000 004c 0054 004c 0002 0026 0013 705d 005c 5049 5045 5c00 0000 0500 0003 1000 0000 5400 0000 0100 0000 3c00 0000 0000 2c00 b878 1400 0800 0000 0000 0000 0800 0000 5c00 5c00 4100 4c00 4900 4300 4500 0000 1800 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0100 0000 14:45:49.937584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 1046:1154(108) ack 1244 win 32736 (DF) (ttl 64, id 31951) 4500 0094 7ccf 4000 4006 0ee6 d0cd 0689 d0cd 068b 008b 040a 1c21 e30b 0015 2b59 5018 7fe0 5599 0000 0000 0068 ff53 4d42 2500 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 e006 6400 8015 0a00 0030 0000 0000 0038 0000 0030 0038 0000 0000 0031 0000 0500 0203 1000 0000 3000 0000 0100 0000 1800 0000 0000 0000 0000 0000 0405 0607 0809 0a0b 0c0d 0e0f 1011 1213 0000 0000 14:45:49.937584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 1244:1370(126) ack 1154 win 8378 (DF) (ttl 128, id 39172) 4500 00a6 9904 4000 8006 b29e d0cd 068b d0cd 0689 040a 008b 0015 2b59 1c21 e377 5018 20ba a1ce 0000 0000 007a ff53 4d42 2500 0000 0018 0300 5280 0000 0000 0000 0000 0000 0100 e006 6400 c015 1000 002e 0000 0000 0400 0000 0000 0000 0000 0000 004c 002e 004c 0002 0026 0013 7037 005c 5049 5045 5c00 0000 0500 0003 1000 0000 2e00 0000 0200 0000 1600 0000 0000 0700 0000 0000 0405 0607 0809 0a0b 0c0d 0e0f 1011 1213 0500 14:45:49.937584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 1154:1314(160) ack 1370 win 32736 (DF) (ttl 64, id 31952) 4500 00c8 7cd0 4000 4006 0eb1 d0cd 0689 d0cd 068b 008b 040a 1c21 e377 0015 2bd7 5018 7fe0 fd8e 0000 0000 009c ff53 4d42 2500 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 e006 6400 c015 0a00 0064 0000 0000 0038 0000 0064 0038 0000 0000 0065 0000 0500 0203 1000 0000 6400 0000 0200 0000 4c00 0000 0000 0000 0000 0022 0500 0000 0a00 0a00 0400 0000 0200 0000 0600 0000 0000 0000 0600 0000 5200 4500 4100 4c00 4d00 0000 0400 0000 0104 0000 0000 0005 1500 0000 f30f ce71 99ae b77c 1b98 210a 0000 0000 14:45:49.937584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 1370:1494(124) ack 1314 win 8218 (DF) (ttl 128, id 39428) 4500 00a4 9a04 4000 8006 b1a0 d0cd 068b d0cd 0689 040a 008b 0015 2bd7 1c21 e417 5018 201a 705a 0000 0000 0078 ff53 4d42 2500 0000 0018 0300 5280 0000 0000 0000 0000 0000 0100 e006 6400 0016 1000 002c 0000 0000 0400 0000 0000 0000 0000 0000 004c 002c 004c 0002 0026 0013 7035 005c 5049 5045 5c00 0000 0500 0003 1000 0000 2c00 0000 0300 0000 1400 0000 0000 0000 0000 0000 0405 0607 0809 0a0b 0c0d 0e0f 1011 1213 14:45:49.947584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 1314:1422(108) ack 1494 win 32736 (DF) (ttl 64, id 31953) 4500 0094 7cd1 4000 4006 0ee4 d0cd 0689 d0cd 068b 008b 040a 1c21 e417 0015 2c53 5018 7fe0 29f3 0000 0000 0068 ff53 4d42 2500 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 e006 6400 0016 0a00 0030 0000 0000 0038 0000 0030 0038 0000 0000 0031 0000 0500 0203 1000 0000 3000 0000 0300 0000 1800 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 14:45:49.947584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 1494:1540(46) ack 1422 win 8110 (DF) (ttl 128, id 39684) 4500 0056 9b04 4000 8006 b0ee d0cd 068b d0cd 0689 040a 008b 0015 2c53 1c21 e483 5018 1fae 449a 0000 0000 002a ff53 4d42 0400 0000 0018 0300 0000 0000 0000 0000 0000 0000 0100 feca 6400 4016 0313 70ff ffff ff00 0038 14:45:49.947584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 1422:1461(39) ack 1540 win 32736 (DF) (ttl 64, id 31954) 4500 004f 7cd2 4000 4006 0f28 d0cd 0689 d0cd 068b 008b 040a 1c21 e483 0015 2c81 5018 7fe0 5923 0000 0000 0023 ff53 4d42 0400 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 feca 6400 4016 0000 00 14:45:49.947584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 1540:1633(93) ack 1461 win 8071 (DF) (ttl 128, id 39940) 4500 0085 9c04 4000 8006 afbf d0cd 068b d0cd 0689 040a 008b 0015 2c81 1c21 e4aa 5018 1f87 f965 0000 0000 0059 ff53 4d42 a200 0000 0018 0300 5280 0000 0000 0000 0000 0000 0100 e006 6400 8016 18ff 0000 0000 0500 0600 0000 0000 0000 9f01 0200 0000 0000 0000 0000 0000 0000 0300 0000 0100 0000 0000 0000 0200 0000 0006 005c 7361 6d72 00 14:45:49.947584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 1461:1568(107) ack 1633 win 32736 (DF) (ttl 64, id 31955) 4500 0093 7cd3 4000 4006 0ee3 d0cd 0689 d0cd 068b 008b 040a 1c21 e4aa 0015 2cde 5018 7fe0 df64 0000 0000 0067 ff53 4d42 a200 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 e006 6400 8016 22ff 0000 0000 1470 0100 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 8000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0200 ff05 0000 00 14:45:49.947584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 1633:1785(152) ack 1568 win 7964 (DF) (ttl 128, id 40196) 4500 00c0 9d04 4000 8006 ae84 d0cd 068b d0cd 0689 040a 008b 0015 2cde 1c21 e515 5018 1f1c c52d 0000 0000 0094 ff53 4d42 2500 0000 0018 0300 5280 0000 0000 0000 0000 0000 0100 e006 6400 c016 1000 0048 0000 0000 0400 0000 0000 0000 0000 0000 004c 0048 004c 0002 0026 0014 7051 005c 5049 5045 5c00 0000 0500 0b00 1000 0000 4800 0000 0300 0000 3016 3016 0000 0000 0100 0000 0000 0100 7857 3412 3412 cdab ef00 0123 4567 89ac 0100 0000 045d 888a eb1c c911 9fe8 0800 2b10 4860 0200 0000 14:45:49.947584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 1568:1696(128) ack 1785 win 32736 (DF) (ttl 64, id 31956) 4500 00a8 7cd4 4000 4006 0ecd d0cd 0689 d0cd 068b 008b 040a 1c21 e515 0015 2d76 5018 7fe0 69ed 0000 0000 007c ff53 4d42 2500 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 e006 6400 c016 0a00 0044 0000 0000 0038 0000 0044 0038 0000 0000 0045 0000 0500 0c03 1000 0000 4400 0000 0300 0000 3016 3016 0000 0000 0c00 5c50 4950 455c 6c73 6173 7300 0000 0100 0000 0000 0000 045d 888a eb1c c911 9fe8 0800 2b10 4860 0200 0000 14:45:49.947584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 1785:1925(140) ack 1696 win 7836 (DF) (ttl 128, id 40452) 4500 00b4 9e04 4000 8006 ad90 d0cd 068b d0cd 0689 040a 008b 0015 2d76 1c21 e595 5018 1e9c 526f 0000 0000 0088 ff53 4d42 2500 0000 0018 0300 5280 0000 0000 0000 0000 0000 0100 e006 6400 0017 1000 003c 0000 0000 0400 0000 0000 0000 0000 0000 004c 003c 004c 0002 0026 0014 7045 005c 5049 5045 5c00 0000 0500 0003 1000 0000 3c00 0000 0100 0000 2400 0000 0000 3900 b057 1400 0800 0000 0000 0000 0800 0000 5c00 5c00 4100 4c00 4900 4300 4500 0000 3100 0200 14:45:49.957584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 1696:1804(108) ack 1925 win 32736 (DF) (ttl 64, id 31957) 4500 0094 7cd5 4000 4006 0ee0 d0cd 0689 d0cd 068b 008b 040a 1c21 e595 0015 2e02 5018 7fe0 9123 0000 0000 0068 ff53 4d42 2500 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 e006 6400 0017 0a00 0030 0000 0000 0038 0000 0030 0038 0000 0000 0031 0000 0500 0203 1000 0000 3000 0000 0100 0000 1800 0000 0000 0000 0000 0000 0700 0000 0000 0000 dd42 2636 8d28 0000 0000 0000 14:45:49.957584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 1925:2079(154) ack 1804 win 7728 (DF) (ttl 128, id 40708) 4500 00c2 9f04 4000 8006 ac82 d0cd 068b d0cd 0689 040a 008b 0015 2e02 1c21 e601 5018 1e30 4fdb 0000 0000 0096 ff53 4d42 2500 0000 0018 0300 5280 0000 0000 0000 0000 0000 0100 e006 6400 4017 1000 004a 0000 0000 0400 0000 0000 0000 0000 0000 004c 004a 004c 0002 0026 0014 7053 005c 5049 5045 5c00 0000 0500 0003 1000 0000 4a00 0000 0200 0000 3200 0000 0000 0500 0000 0000 0700 0000 0000 0000 dd42 2636 8d28 0000 0a00 0c00 b878 1400 0600 0000 0000 0000 0500 0000 5200 4500 4100 4c00 4d00 14:45:49.957584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 1804:1868(64) ack 2079 win 32736 (DF) (ttl 64, id 31958) 4500 0068 7cd6 4000 4006 0f0b d0cd 0689 d0cd 068b 008b 040a 1c21 e601 0015 2e9c 5018 7fe0 169a 0000 0000 003c ff53 4d42 2500 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 e006 6400 4017 0a04 0000 0000 0004 0038 0000 0000 003c 0000 0000 0005 0000 3200 0000 14:45:49.957584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 2079:2125(46) ack 1868 win 7664 (DF) (ttl 128, id 40964) 4500 0056 a004 4000 8006 abee d0cd 068b d0cd 0689 040a 008b 0015 2e9c 1c21 e641 5018 1df0 0287 0000 0000 002a ff53 4d42 0400 0000 0018 0300 0000 0000 0000 0000 0000 0000 0100 feca 6400 8017 0314 70ff ffff ff00 0000 14:45:49.957584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 1868:1907(39) ack 2125 win 32736 (DF) (ttl 64, id 31959) 4500 004f 7cd7 4000 4006 0f23 d0cd 0689 d0cd 068b 008b 040a 1c21 e641 0015 2eca 5018 7fe0 151b 0000 0000 0023 ff53 4d42 0400 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 feca 6400 8017 0000 00 14:45:49.957584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 2125:2218(93) ack 1907 win 7625 (DF) (ttl 128, id 41220) 4500 0085 a104 4000 8006 aabf d0cd 068b d0cd 0689 040a 008b 0015 2eca 1c21 e668 5018 1dc9 b71b 0000 0000 0059 ff53 4d42 a200 0000 0018 0300 5280 0000 0000 0000 0000 0000 0100 e006 6400 c017 18ff 0000 0000 0500 0600 0000 0000 0000 9f01 0200 0000 0000 0000 0000 0000 0000 0300 0000 0100 0000 0000 0000 0200 0000 0006 005c 7361 6d72 00 14:45:49.957584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 1907:2014(107) ack 2218 win 32736 (DF) (ttl 64, id 31960) 4500 0093 7cd8 4000 4006 0ede d0cd 0689 d0cd 068b 008b 040a 1c21 e668 0015 2f27 5018 7fe0 9a5c 0000 0000 0067 ff53 4d42 a200 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 e006 6400 c017 22ff 0000 0000 1570 0100 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 8000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0200 ff05 0000 00 14:45:49.967584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 2218:2370(152) ack 2014 win 7518 (DF) (ttl 128, id 41476) 4500 00c0 a204 4000 8006 a984 d0cd 068b d0cd 0689 040a 008b 0015 2f27 1c21 e6d3 5018 1d5e 83e2 0000 0000 0094 ff53 4d42 2500 0000 0018 0300 5280 0000 0000 0000 0000 0000 0100 e006 6400 0018 1000 0048 0000 0000 0400 0000 0000 0000 0000 0000 004c 0048 004c 0002 0026 0015 7051 005c 5049 5045 5c00 0000 0500 0b00 1000 0000 4800 0000 0200 0000 3016 3016 0000 0000 0100 0000 0000 0100 7857 3412 3412 cdab ef00 0123 4567 89ac 0100 0000 045d 888a eb1c c911 9fe8 0800 2b10 4860 0200 0000 14:45:49.967584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 2014:2142(128) ack 2370 win 32736 (DF) (ttl 64, id 31961) 4500 00a8 7cd9 4000 4006 0ec8 d0cd 0689 d0cd 068b 008b 040a 1c21 e6d3 0015 2fbf 5018 7fe0 26e5 0000 0000 007c ff53 4d42 2500 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 e006 6400 0018 0a00 0044 0000 0000 0038 0000 0044 0038 0000 0000 0045 0000 0500 0c03 1000 0000 4400 0000 0200 0000 3016 3016 0000 0000 0c00 5c50 4950 455c 6c73 6173 7300 0000 0100 0000 0000 0000 045d 888a eb1c c911 9fe8 0800 2b10 4860 0200 0000 14:45:49.967584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 2370:2494(124) ack 2142 win 7390 (DF) (ttl 128, id 41988) 4500 00a4 a404 4000 8006 a7a0 d0cd 068b d0cd 0689 040a 008b 0015 2fbf 1c21 e753 5018 1cde ec2c 0000 0000 0078 ff53 4d42 2500 0000 0018 0300 5280 0000 0000 0000 0000 0000 0100 e006 6400 4018 1000 002c 0000 0000 0400 0000 0000 0000 0000 0000 004c 002c 004c 0002 0026 0015 7035 005c 5049 5045 5c00 0000 0500 0003 1000 0000 2c00 0000 0300 0000 1400 0000 0000 0100 0000 0000 0700 0000 0000 0000 dd42 2636 8d28 0000 14:45:49.967584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 2142:2250(108) ack 2494 win 32736 (DF) (ttl 64, id 31962) 4500 0094 7cda 4000 4006 0edb d0cd 0689 d0cd 068b 008b 040a 1c21 e753 0015 303b 5018 7fe0 e2cc 0000 0000 0068 ff53 4d42 2500 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 e006 6400 4018 0a00 0030 0000 0000 0038 0000 0030 0038 0000 0000 0031 0000 0500 0203 1000 0000 3000 0000 0300 0000 1800 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 14:45:49.967584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 2494:2540(46) ack 2250 win 8760 (DF) (ttl 128, id 42244) 4500 0056 a504 4000 8006 a6ee d0cd 068b d0cd 0689 040a 008b 0015 303b 1c21 e7bf 5018 2238 fae7 0000 0000 002a ff53 4d42 0400 0000 0018 0300 0000 0000 0000 0000 0000 0000 0100 feca 6400 8018 0315 70ff ffff ff00 0038 14:45:49.967584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 2250:2289(39) ack 2540 win 32736 (DF) (ttl 64, id 31963) 4500 004f 7cdb 4000 4006 0f1f d0cd 0689 d0cd 068b 008b 040a 1c21 e7bf 0015 3069 5018 7fe0 11fd 0000 0000 0023 ff53 4d42 0400 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 feca 6400 8018 0000 00 14:45:49.967584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 2540:2635(95) ack 2289 win 8721 (DF) (ttl 128, id 42500) 4500 0087 a604 4000 8006 a5bd d0cd 068b d0cd 0689 040a 008b 0015 3069 1c21 e7e6 5018 2211 4340 0000 0000 005b ff53 4d42 a200 0000 0018 0300 5280 0000 0000 0000 0000 0000 0100 e006 6400 c018 18ff 0000 0000 0700 0600 0000 0000 0000 9f01 0200 0000 0000 0000 0000 0000 0000 0300 0000 0100 0000 0000 0000 0200 0000 0008 005c 7769 6e72 6567 00 14:45:49.967584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 2289:2396(107) ack 2635 win 32736 (DF) (ttl 64, id 31964) 4500 0093 7cdc 4000 4006 0eda d0cd 0689 d0cd 068b 008b 040a 1c21 e7e6 0015 30c8 5018 7fe0 963c 0000 0000 0067 ff53 4d42 a200 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 e006 6400 c018 22ff 0000 0000 1670 0100 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 8000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0200 ff05 0000 00 14:45:49.977584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 2635:2787(152) ack 2396 win 8614 (DF) (ttl 128, id 42756) 4500 00c0 a704 4000 8006 a484 d0cd 068b d0cd 0689 040a 008b 0015 30c8 1c21 e851 5018 21a6 a2d2 0000 0000 0094 ff53 4d42 2500 0000 0018 0300 5280 0000 0000 0000 0000 0000 0100 e006 6400 0019 1000 0048 0000 0000 0400 0000 0000 0000 0000 0000 004c 0048 004c 0002 0026 0016 7051 005c 5049 5045 5c00 0000 0500 0b00 1000 0000 4800 0000 0300 0000 3016 3016 0000 0000 0100 0000 0000 0100 01d0 8c33 4422 f131 aaaa 9000 3800 1003 0100 0000 045d 888a eb1c c911 9fe8 0800 2b10 4860 0200 0000 14:45:49.977584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 2396:2524(128) ack 2787 win 32736 (DF) (ttl 64, id 31965) 4500 00a8 7cdd 4000 4006 0ec4 d0cd 0689 d0cd 068b 008b 040a 1c21 e851 0015 3160 5018 7fe0 1769 0000 0000 007c ff53 4d42 2500 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 e006 6400 0019 0a00 0044 0000 0000 0038 0000 0044 0038 0000 0000 0045 0000 0500 0c03 1000 0000 4400 0000 0300 0000 3016 3016 0000 0000 0d00 5c50 4950 455c 7769 6e72 6567 0000 0100 0000 0000 0000 045d 888a eb1c c911 9fe8 0800 2b10 4860 0200 0000 14:45:49.977584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 2787:2903(116) ack 2524 win 8486 (DF) (ttl 128, id 43012) 4500 009c a804 4000 8006 a3a8 d0cd 068b d0cd 0689 040a 008b 0015 3160 1c21 e8d1 5018 2126 9d4c 0000 0000 0070 ff53 4d42 2500 0000 0018 0300 5280 0000 0000 0000 0000 0000 0100 e006 6400 4019 1000 0024 0000 0000 0400 0000 0000 0000 0000 0000 004c 0024 004c 0002 0026 0016 702d 005c 5049 5045 5c00 0000 0500 0003 1000 0000 2400 0000 0100 0000 0c00 0000 0000 0200 14ce 1200 c870 0100 0000 0002 14:45:49.977584 alice.realminfo.com.netbios-ssn > 208.205.6.139.1034: P 2524:2632(108) ack 2903 win 32736 (DF) (ttl 64, id 31966) 4500 0094 7cde 4000 4006 0ed7 d0cd 0689 d0cd 068b 008b 040a 1c21 e8d1 0015 31d4 5018 7fe0 4913 0000 0000 0068 ff53 4d42 2500 0000 0088 0100 0000 0000 0000 0000 0000 0000 0100 e006 6400 4019 0a00 0030 0000 0000 0038 0000 0030 0038 0000 0000 0031 0000 0500 0203 1000 0000 3000 0000 0100 0000 1800 0000 0000 0000 0000 0000 0800 0000 0000 0000 dd42 2636 8d28 0000 0000 0000 14:45:49.977584 208.205.6.139.1034 > alice.realminfo.com.netbios-ssn: P 2903:3171(268) ack 2632 win 8378 (DF) (ttl 128, id 43268) 4500 0134 a904 4000 8006 a210 d0cd 068b d0cd 0689 040a 008b 0015 31d4 1c21 e93d 5018 20ba 7c97 0000 0000 0108 ff53 4d42 2500 0000 0018 0300 5280 0000 0000 0000 0000 0000 0100 e006 6400 8019 1000 00bc 0000 0000 0400 0000 0000 0000 0000 0000 004c 00bc 004c 0002 0026 0016 70c5 005c 5049 5045 5c00 0000 0500 0003 1000 0000 bc00 0000 0200 0000 a400 0000 0000 0f00 0000 0000 0800 0000 0000 0000 dd42 2636 8d28 0000 7400 7400 50ce 1200 3a00 0000 0000 0000 3a00 0000 5300 7900 7300 7400 6500 6d00 5c00 4300 7500 7200 7200 6500 6e00 7400 4300 6f00 6e00 7400 7200 6f00 6c00 5300 6500 7400 5c00 4300 6f00 6e00 7400 7200 6f00 6c00 5c00 4300 6900 7400 7200 6900 7800 5c00 5500 -- Michael D. Ivey - Director of Emerging Technologies ivey@realminfo.com http://www.realminfo.com/~ivey/ From james at cows.ml.org Thu Oct 15 19:08:35 1998 From: james at cows.ml.org (James Willard) Date: Tue Dec 2 02:24:34 2003 Subject: Server manager works with latest CVS! Message-ID: <199810151908.PAA12005@cows.ml.org> Good job guys, Server Manager on NT can now work with the latest CVS of Samba. It no longer gives the RPC Server Unavailable error. However, User Manager still doesn't connect, but it's great progress. James Willard james@cows.ml.org -- From spinkston at otc.ozarka.tec.ar.us Thu Oct 15 20:12:30 1998 From: spinkston at otc.ozarka.tec.ar.us (Scott Pinkston) Date: Tue Dec 2 02:24:34 2003 Subject: hi Message-ID: <41AD39009DEAD11189BD00A0C9B425B40139F6@otc.ozarka.tec.ar.us> JOIN --------------------------------- Scott Pinkston Network Manager Ozarka Technical College (870) 368-7371 spinkston@ozarka.tec.ar.us --------------------------------- From drobbins at obgyn.unm.edu Thu Oct 15 21:10:52 1998 From: drobbins at obgyn.unm.edu (Daniel Robbins) Date: Tue Dec 2 02:24:34 2003 Subject: Unknown Error Joining Domain (2.0.0a12) Message-ID: <362664DB.568B995@obgyn.unm.edu> Hi, I'm testing out Samba 2.0.0a12, and have run into a problem adding machines to the domain. Here's loglevel 3 output of log.smb of a machine named "crayola" trying to join our test domain "weeble": Requested protocol [PC NETWORK PROGRAM 1.0] [1998/10/15 15:01:20, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [XENIX CORE] [1998/10/15 15:01:20, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [MICROSOFT NETWORKS 1.03] [1998/10/15 15:01:20, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [LANMAN1.0] [1998/10/15 15:01:20, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [Windows for Workgroups 3.1a] [1998/10/15 15:01:20, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [LM1.2X002] [1998/10/15 15:01:20, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [LANMAN2.1] [1998/10/15 15:01:20, 3] smbd/negprot.c:reply_negprot(332) Requested protocol [NT LM 0.12] [1998/10/15 15:01:20, 3] smbd/negprot.c:reply_negprot(409) Selected protocol NT LM 0.12 [1998/10/15 15:01:20, 3] smbd/process.c:process_smb(565) Transaction 2 of length 196 [1998/10/15 15:01:20, 3] smbd/process.c:switch_message(402) switch message SMBsesssetupX (pid 10714) [1998/10/15 15:01:20, 3] smbd/reply.c:reply_sesssetup_and_X(567) Domain=[WEEBLE] NativeOS=[Windows NT 1381] NativeLanMan=[] [1998/10/15 15:01:20, 3] smbd/reply.c:reply_sesssetup_and_X(571) sesssetupX:name=[CRAYOLA$] [1998/10/15 15:01:20, 3] smbd/error.c:error_packet(127) 32 bit error packet at line 447 cmd=115 (SMBsesssetupX) eclass=c000006d [Error: Unknown error (109,49152)] [1998/10/15 15:01:20, 3] smbd/process.c:smbd_process(806) end of file from client [1998/10/15 15:01:20, 2] smbd/server.c:exit_server(405) Closing connections [1998/10/15 15:01:20, 3] smbd/server.c:exit_server(430) Server exit (normal exit) You can see the unknown error above. We are just trying to join the domain from NT4 Workstation, and we are not trying to create an account. We have added a CRAYOLA$ user to /etc/passwd, and an entry in smbpasswd with username CRAYOLA$, password "crayola". smb.conf follows: workgroup = weeble server string = myserver security = user encrypt passwords = yes domain controller = Yes domain logons = Yes preferred master = Yes domain master = yes socket options = TCP_NODELAY local master = no wins server = 129.24.234.99 netbios name = myserver [netlogon] path = /usr/local/samba/data/netlogon read only = No [tmp] comment = temporary files path = /tmp read only = yes [ftp] comment = ftp directory path = /home/ftp read only = yes Any help would be appreciated... -- Daniel Robbins System Administrator University of New Mexico drobbins@obgyn.unm.edu -------------- next part -------------- HTML attachment scrubbed and removed From lkcl at switchboard.net Thu Oct 15 22:17:48 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:34 2003 Subject: Server manager works with latest CVS! In-Reply-To: <199810151908.PAA12005@cows.ml.org> Message-ID: oh dear, oh dear. where does it fail? do you have exactly the same usernames in private/smbpasswd as you do in /etc/passwd? On Fri, 16 Oct 1998, James Willard wrote: > Good job guys, Server Manager on NT can now work with the latest CVS of > Samba. It no longer gives the RPC Server Unavailable error. However, User > Manager still doesn't connect, but it's great progress. > > James Willard > james@cows.ml.org > -- > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From lkcl at switchboard.net Thu Oct 15 22:24:46 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:34 2003 Subject: SPAM for attention eric, Re: cvs issue Message-ID: eric, you are sending from an unknown dns domain, i tried to reply direct to you. From ivey at realminfo.com Thu Oct 15 22:00:30 1998 From: ivey at realminfo.com (Michael D. Ivey) Date: Tue Dec 2 02:24:34 2003 Subject: latest CVS co, same thing WRT winframe/terminal server Message-ID: <19981015180030.A20452@bagheera.realminfo.com> Still getting the Redirector: received an SMB that was too short. error, after upgrading to latest code. This is only on the Terminal Server box, and only on interactive logins...connecting to a share after logging in as local user works great. I can send an strace or tcpdump (again) if someone really wants it. /mdi -- Michael D. Ivey - Director of Emerging Technologies ivey@realminfo.com http://www.realminfo.com/~ivey/ From pfrazao at ualg.pt Thu Oct 15 23:07:48 1998 From: pfrazao at ualg.pt (Pedro Miguel =?ISO-8859-1?Q?Fraz=E3o?= F. Ferreira) Date: Tue Dec 2 02:24:34 2003 Subject: alpha9 and roaming profiles Message-ID: <36268044.D4EBFDF7@ualg.pt> Hi, I downloaded version 2.0.0alpha9 and there are no problems adding NT Wkts to the samba PDC. When trying to use roaming profiles, samba only creates directories but it can not create any files. Windows NT wkst 4.0 gives the following error on any atempt to create any file in a user's home dir: Can not create the file - The session was canceled. Anyone add a problem like this ? Any workaround ? Thanks, Pedro Ferreira From matthew at janus.law.usyd.edu.au Thu Oct 15 23:13:43 1998 From: matthew at janus.law.usyd.edu.au (Matthew Geier) Date: Tue Dec 2 02:24:34 2003 Subject: Server manager works with latest CVS! In-Reply-To: from "Luke Kenneth Casson Leighton" at Oct 16, 98 07:26:55 am Message-ID: <199810152313.JAA15682@janus.law.usyd.edu.au> > > oh dear, oh dear. where does it fail? do you have exactly the same > usernames in private/smbpasswd as you do in /etc/passwd? Ive never seen the 'usermgr' work, and I my smbpasswd and /etc/passwd files ARE different. All the Unix daemons and other special non user ID's are not in the smbpasswd file. From lkcl at switchboard.net Fri Oct 16 00:12:51 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:34 2003 Subject: Server manager works with latest CVS! In-Reply-To: <199810152313.JAA15682@janus.law.usyd.edu.au> Message-ID: > Ive never seen the 'usermgr' work, and I my smbpasswd and /etc/passwd > files ARE different. All the Unix daemons and other special non user > ID's are not in the smbpasswd file. usernames in smbpasswd MUST match those in /etc/passwd. additional names in /etc/passwd need NOT occur in smbpasswd. From matthew at janus.law.usyd.edu.au Thu Oct 15 23:22:59 1998 From: matthew at janus.law.usyd.edu.au (Matthew Geier) Date: Tue Dec 2 02:24:34 2003 Subject: Server manager works with latest CVS! In-Reply-To: from "Luke Kenneth Casson Leighton" at Oct 16, 98 09:19:23 am Message-ID: <199810152323.JAA15976@janus.law.usyd.edu.au> > > > Ive never seen the 'usermgr' work, and I my smbpasswd and /etc/passwd > > files ARE different. All the Unix daemons and other special non user > > ID's are not in the smbpasswd file. > > usernames in smbpasswd MUST match those in /etc/passwd. additional names > in /etc/passwd need NOT occur in smbpasswd. > I wonder if my usermgr failure is due to users still being in smbpasswd after being deleted from the system. It is quite possible there are old users in smbpasswd that have long been deleted from the system, since the system user delete program wont know about the samba passwords. Time to sort my password files an compare... From lkcl at switchboard.net Fri Oct 16 00:36:55 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:34 2003 Subject: Server manager works with latest CVS! In-Reply-To: <199810152323.JAA15976@janus.law.usyd.edu.au> Message-ID: there is now (or will be soon :) a debug level 0 warning if this occurs. On Fri, 16 Oct 1998, Matthew Geier wrote: > > > > > Ive never seen the 'usermgr' work, and I my smbpasswd and /etc/passwd > > > files ARE different. All the Unix daemons and other special non user > > > ID's are not in the smbpasswd file. > > > > usernames in smbpasswd MUST match those in /etc/passwd. additional names > > in /etc/passwd need NOT occur in smbpasswd. > > > > I wonder if my usermgr failure is due to users still being in smbpasswd > after being deleted from the system. It is quite possible there are > old users in smbpasswd that have long been deleted from the system, since > the system user delete program wont know about the samba passwords. > > Time to sort my password files an compare... > > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From D.Bannon at latrobe.edu.au Fri Oct 16 00:14:31 1998 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:24:34 2003 Subject: Policies not being updated In-Reply-To: References: <199810152323.JAA15976@janus.law.usyd.edu.au> Message-ID: <3.0.3.32.19981016101431.0074a228@bioserve.biochem.latrobe.edu.au> Can someone please suggest an approach : My \netlogon\ntconfig.pol file is being read (according to samba logs) by ntworkstation, however it is not being acted upon. I mean I am setting basic things, 'hide display tab' etc and its never hidden. ( even after several logons) The .pol file was made on a win95 machine, I assume this is OK ? Is there a setting on the ntworkstation that prevents remote update to registery ? I know there is a registary setting to set it off/auto/manual however auto is supposed to be the default and nothing to reverse that appears in the registary at present. How can I get poledit.exe running on the ntworkstation ? Thanks David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From samuel at public.szonline.net Fri Oct 16 00:51:54 1998 From: samuel at public.szonline.net (Samuel Leo) Date: Tue Dec 2 02:24:34 2003 Subject: Server manager works with latest CVS! References: <199810152323.JAA15976@janus.law.usyd.edu.au> Message-ID: <362698A9.795EA9D3@public.szonline.net> > I wonder if my usermgr failure is due to users still being in smbpasswd > after being deleted from the system. It is quite possible there are > old users in smbpasswd that have long been deleted from the system, since > the system user delete program wont know about the samba passwords. > > Time to sort my password files an compare... Yes, after I removed the account "Administrator" from smbpasswd, they work fine except the last user in smbpasswd appear twice in usrmgr. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 2481 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.samba.org/archive/samba-ntdom/attachments/19981016/c4d6eff8/smime.bin From james at cows.ml.org Fri Oct 16 01:20:54 1998 From: james at cows.ml.org (James Willard) Date: Tue Dec 2 02:24:34 2003 Subject: Server manager works with latest CVS! In-Reply-To: <362698A9.795EA9D3@public.szonline.net> from "Samuel Leo" at Oct 16, 98 10:56:26 am Message-ID: <199810160120.VAA12862@cows.ml.org> My smbpasswd matches /etc/passwd only for a few entries, such as root and james. However, when I try to start User Manager, it gives a RPC Server Unavailable message. Shouldn't it just not display usernames in User Manager instead of the RPC Server message? Also, something interesting I noticed in Server Manager is that after viewing the properties of a PDC, you can click on "Users" or "In Use" to view the current users on the machine or the files that are in use. But if you try to do "Shares" you get another RPC error. Interestingly enough, doing this on a non-PDC machine works fine. Either "Users" "Shares" or "In Use" will work. Does samba have the capability for the description line to be changed from the properties of the machine in Server Manager yet? James Willard james@cows.ml.org -- > > I wonder if my usermgr failure is due to users still being in smbpasswd > > after being deleted from the system. It is quite possible there are > > old users in smbpasswd that have long been deleted from the system, since > > the system user delete program wont know about the samba passwords. > > > > Time to sort my password files an compare... > > Yes, after I removed the account "Administrator" from smbpasswd, > they work fine except the last user in smbpasswd appear twice in > usrmgr. > From cartegw at Eng.Auburn.EDU Fri Oct 16 05:12:18 1998 From: cartegw at Eng.Auburn.EDU (Gerald W. Carter) Date: Tue Dec 2 02:24:34 2003 Subject: Policies not being updated In-Reply-To: <3.0.3.32.19981016101431.0074a228@bioserve.biochem.latrobe.edu.au> Message-ID: On Fri, 16 Oct 1998, David Bannon wrote: > The .pol file was made on a win95 machine, I assume this is OK ? Nope. The regisrty settings are different. Use the NT policy manager > Is there a setting on the ntworkstation that prevents remote update to > registery ? I know there is a registary setting to set it off/auto/manual > however auto is supposed to be the default and nothing to reverse that > appears in the registary at present. > > How can I get poledit.exe running on the ntworkstation ? It comes on the NT Server CD. There is no place that I know of to download it for free. Sorry. Hope this helps, j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From danny at cs.huji.ac.il Fri Oct 16 07:02:36 1998 From: danny at cs.huji.ac.il (Danny Braniss) Date: Tue Dec 2 02:24:34 2003 Subject: authentication Message-ID: hi all, Here at the Inst. of Computer Science we have over 500 hosts running several different os, SunOs/Solaris/SGI/NT/Win/Linux/BSDI/FreeBsd etc. We also service a big variety of users, administration, student's labs, reseach labs, PCs etc. not to mention PPP and remote users. To keep some sence of sanity, we have central-password-broker, and with different degree of difficulty/simplicity have managed to 'convince' the different platforms to use this service. I have made the necessary changes to Samba, and is working, my problem is that i have to do this every time i want to upgrade, and i need Samba/PDC. As much as my ego would like my name to appear as one of the contributors, i don't think you people should go out of the way to accomodate my whims. What I suggest is to meet half way. I'm about to start making the changes to 2.0, and would like very much if some of my ideas make it into the distribution. tia, danny - -- Daniel Braniss e-mail: danny@cs.huji.ac.il Institute of Computer Science phone: +972 2 658 4385 The Hebrew University Fax: +972 2 561 7723 Jerusalem, Israel ------- End of Forwarded Message From laurent.menu at temic.fr Fri Oct 16 07:52:00 1998 From: laurent.menu at temic.fr (laurent.menu@temic.fr) Date: Tue Dec 2 02:24:34 2003 Subject: copy hangs when running with log level =100 Message-ID: Hi, I noticed the following on my HP-UX brazil B.10.20 A 9000/827 : when running a recent (? ;-) cvs version (last week, "patched" with 16 instead of 8 in smbdes.c SamOEMhash() ) with log level = 100, it copies large files completely from and to an NTBox and then hangs until the session is cancelled, either with a dos copy or explorer drag-drop. I didn't try with small files. It doesn't really matter cause it works when resetting log level to 3, but as I lost 2 hours on this I wouldn't like somebody else to lose time on that :-) Laurent From hr at woehr.de Fri Oct 16 08:21:12 1998 From: hr at woehr.de (Hans Reichenecker) Date: Tue Dec 2 02:24:34 2003 Subject: Compile on HPUX 10.20 Message-ID: <000b01bdf8dd$efcca8f0$70a29bc1@pc-edv-2.woehr.de> When running ./configure on HP K360 with HP-UX 10.20 and HP Ansi-C-Compile I get the following message: checking for four-argument statfs (AIX-3.2.5, SVR3)... no checking for two-argument statfs with statfs.fsize member (4.4BSD and NetBSD)... no checking for two-argument statfs with struct fs_data (Ultrix)... no checking configure summary ERROR: No locking available. Running Samba would be unsafe configure: error: summary failure. Aborting config What can I do ?? Thanks OTTO W?HR GmbH Tel. 07044 46-0 Hans Reichenecker Tel. 07044 46-193 ?lgrabenstra?e 14 Fax 07044 46-149 D-71292 Friolzheim -------------- next part -------------- A non-text attachment was scrubbed... Name: winmail.dat Type: application/ms-tnef Size: 1976 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/19981016/1941ccd6/winmail.bin From jal at mcs.le.ac.uk Fri Oct 16 09:27:39 1998 From: jal at mcs.le.ac.uk (J. A. Landamore) Date: Tue Dec 2 02:24:34 2003 Subject: machine name entries Message-ID: <6375.9810160927@sun2.mcs.le.ac.uk> A non-text attachment was scrubbed... Name: not available Type: text Size: 574 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/19981016/e37e9790/attachment.bat From e92_jlu at e.kth.se Fri Oct 16 09:54:44 1998 From: e92_jlu at e.kth.se (John =?ISO-8859-1?Q?Lundb=E4ck?=) Date: Tue Dec 2 02:24:34 2003 Subject: Roaming Profiles and mysterious log files Message-ID: <199810160954.LAA04268@kinshasa.e.kth.se> I've got a small problem which I find very annoying indeed. Everytime a user logs into our domain and downloads the Profile from our file server, there are two files created prfnn.log and prfnntmp.log, one is 8Kb the other is 0Kb. What are they for creatures and how do I stop them to multiply on the diskserver in one week, one easily gets something between 50-100 such pairs of files. The only thing to do is to delete them manually from the diskserver. Isn't there a better way of getting rid of these files? Has it something to do with the fact that I do not have a NTPolicy.pol file as I do not have the NTServer CD with the NT version of the policy editor? I'm currently use the win95 policy editor which seems to do the job well. Regards, John From suprem at mygale.org Fri Oct 16 12:50:43 1998 From: suprem at mygale.org (Remy Bruno) Date: Tue Dec 2 02:24:35 2003 Subject: problem with samba on a NT domain Message-ID: <36274123.A044EDD2@mygale.org> Hello, I can't make my samba work properly on a NT domain. In my engineering school, all computers are on a NT domain served by the machine "REZO". Everyone has an account name and a password stored on this machine. A people (say A) can allow another people (say B) to read or write data on his own computer by sharing a directory for him. When B logs in on his own computer by begining a windows session, he is authentified by REZO (he enters his login and password). Then he can read and write on A's computer with the "network neighbourhood". All this works fine between 2 windows, but with my Linux, I can't read and write on shares other make for me. The other can access the shares I make to them if they have an account on my machine by using the login and password of their account, but not with the login/password of REZO. I can connect on another samba (using the login/passwd of the corresponding linux). I've tried many configurations, I read documentation, but it doesn't work. What most bothers me is the fact that I can't log on a window machine (the fact that people must enter their password of my machine to log in is not really a problem: I'm sure that only people I allow to log in can log in, whereas REZO would say if people can log in on my machine if this worked). When I try to connect on a Window computer with smbclient, it says "FINDFIRST gave ERRDOS - ERRnoaccess (Acess denied.)" when I try to make ls, whereas I sould have access to the share (I provide the login/passwd of REZO). smbmount says "smb_dont_catch_keepalive: server->data_ready == NULL". I'd be happy and gratefull if someone could help me. Regards, Remy BRUNO Student at Supelec FRANCE e-mail: suprem@mygale.org From greg at discreet.com Fri Oct 16 13:11:02 1998 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:24:35 2003 Subject: smbdes.c Message-ID: Hi, I've deleted the email about where to patch SamOEM (?) in order to get encrypted logons to work in the latest CVS. Can anybody help me with that? BTW: smbwrapper still does not compile on IRIX, has anybody found a workaround? TIA, Greg --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet logic Montreal (514) 954-7171 greg@discreet.com From amol at memcad.com Fri Oct 16 13:09:14 1998 From: amol at memcad.com (Amol Karnik) Date: Tue Dec 2 02:24:35 2003 Subject: makew failing on latest cvs update (16OCT) on solaris2.5.1 Message-ID: <3627457A.FA378381@memcad.com> hi all, just did a cvs update -d -P, since i heard that the latest code, has fixed the problem of roaming profiles not being updated/created. the make on a solaris2.5.1 machine fails with the following errors : Compiling rpcclient/cmd_wkssvc.c Compiling rpcclient/cmd_samr.c "rpcclient/cmd_samr.c", line 75: warning: argument #2 is incompatible with prototype: prototype: pointer to uchar : "include/proto.h", line 509 argument : pointer to char "rpcclient/cmd_samr.c", line 75: warning: argument #3 is incompatible with prototype: prototype: pointer to uchar : "include/proto.h", line 509 argument : pointer to char "rpcclient/cmd_samr.c", line 76: warning: argument #2 is incompatible with prototype: prototype: pointer to uchar : "include/proto.h", line 487 argument : pointer to char "rpcclient/cmd_samr.c", line 76: warning: argument #3 is incompatible with prototype: prototype: pointer to uchar : "include/proto.h", line 487 argument : pointer to char "rpcclient/cmd_samr.c", line 79: warning: argument #1 is incompatible with prototype: prototype: pointer to uchar : "include/proto.h", line 497 argument : pointer to char "rpcclient/cmd_samr.c", line 79: warning: argument #2 is incompatible with prototype: prototype: pointer to uchar : "include/proto.h", line 497 argument : pointer to char "rpcclient/cmd_samr.c", line 79: warning: argument #3 is incompatible with prototype: prototype: pointer to uchar : "include/proto.h", line 497 argument : pointer to char "rpcclient/cmd_samr.c", line 80: warning: argument #1 is incompatible with prototype: prototype: pointer to uchar : "include/proto.h", line 497 argument : pointer to char "rpcclient/cmd_samr.c", line 80: warning: argument #2 is incompatible with prototype: prototype: pointer to uchar : "include/proto.h", line 497 argument : pointer to char "rpcclient/cmd_samr.c", line 80: warning: argument #3 is incompatible with prototype: prototype: pointer to uchar : "include/proto.h", line 497 argument : pointer to char Compiling rpcclient/cmd_srvsvc.c Linking bin/rpcclient ild: (undefined symbol) cmd_netlogon_login_test -- referenced in the data segment of rpcclient/rpcclient.o *** Error code 5 make: Fatal error: Command failed for target `bin/rpcclient' thanks, amol From amol at memcad.com Fri Oct 16 14:27:28 1998 From: amol at memcad.com (Amol Karnik) Date: Tue Dec 2 02:24:35 2003 Subject: makew failing on latest cvs update (16OCT) on solaris2.5.1 References: <3627457A.FA378381@memcad.com> Message-ID: <362757D0.AE050669@memcad.com> ok, ignore my earlier email please... i did a rm -rf and did a fresh make, and it compiled, although the proto.h warnings are still present. - amol Amol Karnik wrote: > > hi all, > > just did a cvs update -d -P, since i heard that the latest code, has > fixed the problem of roaming profiles not being updated/created. > > the make on a solaris2.5.1 machine fails with the following errors : > > Compiling rpcclient/cmd_wkssvc.c > Compiling rpcclient/cmd_samr.c > "rpcclient/cmd_samr.c", line 75: warning: argument #2 is incompatible > with prototype: > prototype: pointer to uchar : "include/proto.h", line 509 > argument : pointer to char > "rpcclient/cmd_samr.c", line 75: warning: argument #3 is incompatible > with prototype: > prototype: pointer to uchar : "include/proto.h", line 509 > argument : pointer to char > "rpcclient/cmd_samr.c", line 76: warning: argument #2 is incompatible > with prototype: > prototype: pointer to uchar : "include/proto.h", line 487 > argument : pointer to char > "rpcclient/cmd_samr.c", line 76: warning: argument #3 is incompatible > with prototype: > prototype: pointer to uchar : "include/proto.h", line 487 > argument : pointer to char > "rpcclient/cmd_samr.c", line 79: warning: argument #1 is incompatible > with prototype: > prototype: pointer to uchar : "include/proto.h", line 497 > argument : pointer to char > "rpcclient/cmd_samr.c", line 79: warning: argument #2 is incompatible > with prototype: > prototype: pointer to uchar : "include/proto.h", line 497 > argument : pointer to char > "rpcclient/cmd_samr.c", line 79: warning: argument #3 is incompatible > with prototype: > prototype: pointer to uchar : "include/proto.h", line 497 > argument : pointer to char > "rpcclient/cmd_samr.c", line 80: warning: argument #1 is incompatible > with prototype: > prototype: pointer to uchar : "include/proto.h", line 497 > argument : pointer to char > "rpcclient/cmd_samr.c", line 80: warning: argument #2 is incompatible > with prototype: > prototype: pointer to uchar : "include/proto.h", line 497 > argument : pointer to char > "rpcclient/cmd_samr.c", line 80: warning: argument #3 is incompatible > with prototype: > prototype: pointer to uchar : "include/proto.h", line 497 > argument : pointer to char > Compiling rpcclient/cmd_srvsvc.c > Linking bin/rpcclient > ild: (undefined symbol) cmd_netlogon_login_test -- referenced in the > data segment of rpcclient/rpcclient.o > *** Error code 5 > make: Fatal error: Command failed for target `bin/rpcclient' > > thanks, > > amol From lkcl at switchboard.net Fri Oct 16 19:30:15 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:35 2003 Subject: smbdes.c In-Reply-To: Message-ID: i fixed it. On Fri, 16 Oct 1998, Greg Dickie wrote: > > Hi, > > I've deleted the email about where to patch SamOEM (?) in order to get > encrypted logons to work in the latest CVS. Can anybody help me with that? > > BTW: smbwrapper still does not compile on IRIX, has anybody found a workaround? > > TIA, > Greg > > --------------------------------------------------------------------- > Greg Dickie > Just A Guy* > *from discreet logic > Montreal > (514) 954-7171 > greg@discreet.com > > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From greg at discreet.com Fri Oct 16 18:56:15 1998 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:24:35 2003 Subject: smbdes.c In-Reply-To: Message-ID: uhm.... nevermind. ta, Greg On 16-Oct-98 Luke Kenneth Casson Leighton wrote: > i fixed it. > > On Fri, 16 Oct 1998, Greg Dickie wrote: > >> >> Hi, >> >> I've deleted the email about where to patch SamOEM (?) in order to get >> encrypted logons to work in the latest CVS. Can anybody help me with that? >> >> BTW: smbwrapper still does not compile on IRIX, has anybody found a >> workaround? >> >> TIA, >> Greg >> >> --------------------------------------------------------------------- >> Greg Dickie >> Just A Guy* >> *from discreet logic >> Montreal >> (514) 954-7171 >> greg@discreet.com >> >> > > Luke Kenneth Casson Leighton > Samba and Network Development > Samba and Network Consultancy --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet logic Montreal (514) 954-7171 greg@discreet.com From lkcl at switchboard.net Fri Oct 16 19:54:18 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:35 2003 Subject: makew failing on latest cvs update (16OCT) on solaris2.5.1 In-Reply-To: <3627457A.FA378381@memcad.com> Message-ID: do a ./configure first. oh, do a cvs -t update because i fixed the warnings. _then_ do a ./configure. On Fri, 16 Oct 1998, Amol Karnik wrote: > hi all, > > just did a cvs update -d -P, since i heard that the latest code, has > fixed the problem of roaming profiles not being updated/created. > > the make on a solaris2.5.1 machine fails with the following errors : > > Compiling rpcclient/cmd_wkssvc.c > Compiling rpcclient/cmd_samr.c > "rpcclient/cmd_samr.c", line 75: warning: argument #2 is incompatible > with prototype: > prototype: pointer to uchar : "include/proto.h", line 509 > argument : pointer to char > "rpcclient/cmd_samr.c", line 75: warning: argument #3 is incompatible > with prototype: > prototype: pointer to uchar : "include/proto.h", line 509 > argument : pointer to char > "rpcclient/cmd_samr.c", line 76: warning: argument #2 is incompatible > with prototype: > prototype: pointer to uchar : "include/proto.h", line 487 > argument : pointer to char > "rpcclient/cmd_samr.c", line 76: warning: argument #3 is incompatible > with prototype: > prototype: pointer to uchar : "include/proto.h", line 487 > argument : pointer to char > "rpcclient/cmd_samr.c", line 79: warning: argument #1 is incompatible > with prototype: > prototype: pointer to uchar : "include/proto.h", line 497 > argument : pointer to char > "rpcclient/cmd_samr.c", line 79: warning: argument #2 is incompatible > with prototype: > prototype: pointer to uchar : "include/proto.h", line 497 > argument : pointer to char > "rpcclient/cmd_samr.c", line 79: warning: argument #3 is incompatible > with prototype: > prototype: pointer to uchar : "include/proto.h", line 497 > argument : pointer to char > "rpcclient/cmd_samr.c", line 80: warning: argument #1 is incompatible > with prototype: > prototype: pointer to uchar : "include/proto.h", line 497 > argument : pointer to char > "rpcclient/cmd_samr.c", line 80: warning: argument #2 is incompatible > with prototype: > prototype: pointer to uchar : "include/proto.h", line 497 > argument : pointer to char > "rpcclient/cmd_samr.c", line 80: warning: argument #3 is incompatible > with prototype: > prototype: pointer to uchar : "include/proto.h", line 497 > argument : pointer to char > Compiling rpcclient/cmd_srvsvc.c > Linking bin/rpcclient > ild: (undefined symbol) cmd_netlogon_login_test -- referenced in the > data segment of rpcclient/rpcclient.o > *** Error code 5 > make: Fatal error: Command failed for target `bin/rpcclient' > > > > > thanks, > > amol > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From lkcl at switchboard.net Fri Oct 16 19:57:25 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:35 2003 Subject: smbdes.c In-Reply-To: Message-ID: :) too late - i go through my email sequentially :) On Fri, 16 Oct 1998, Greg Dickie wrote: > > uhm.... > > nevermind. > > ta, > Greg > > On 16-Oct-98 Luke Kenneth Casson Leighton wrote: > > i fixed it. > > > > On Fri, 16 Oct 1998, Greg Dickie wrote: > > > >> > >> Hi, > >> > >> I've deleted the email about where to patch SamOEM (?) in order to get > >> encrypted logons to work in the latest CVS. Can anybody help me with that? > >> > >> BTW: smbwrapper still does not compile on IRIX, has anybody found a > >> workaround? > >> > >> TIA, > >> Greg > >> > >> --------------------------------------------------------------------- > >> Greg Dickie > >> Just A Guy* > >> *from discreet logic > >> Montreal > >> (514) 954-7171 > >> greg@discreet.com > >> > >> > > > > Luke Kenneth Casson Leighton > > Samba and Network Development > > Samba and Network Consultancy > > --------------------------------------------------------------------- > Greg Dickie > Just A Guy* > *from discreet logic > Montreal > (514) 954-7171 > greg@discreet.com > > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From ken at sdd.hp.com Fri Oct 16 22:54:34 1998 From: ken at sdd.hp.com (Ken Stone) Date: Tue Dec 2 02:24:35 2003 Subject: Compile on HPUX 10.20 In-Reply-To: Your message of Fri, 16 Oct 1998 18:26:52 +1000. <000b01bdf8dd$efcca8f0$70a29bc1@pc-edv-2.woehr.de> Message-ID: <199810162254.PAA29647@hpsdlz.sdd.hp.com> > When running ./configure on HP K360 with HP-UX 10.20 and HP Ansi-C-Compile > I get the following message: > > checking for four-argument statfs (AIX-3.2.5, SVR3)... no > checking for two-argument statfs with statfs.fsize member (4.4BSD and > NetBSD)... no > checking for two-argument statfs with struct fs_data (Ultrix)... no > checking configure summary > ERROR: No locking available. Running Samba would be unsafe > configure: error: summary failure. Aborting config > > What can I do ?? Runs fine for me here on HP-UX hpsdlz B.10.20 A 9000/735 2014393735 two-user license I run configure as export CC=cc export CFLAGS="-Ae" ./configure --with-mmap --prefix=/local And it runs fine ... Won't compile, but that not uncommon lately with so much hacking going on :-) Compiling smbwrapper/smbw.c with cc: "smbwrapper/smbw.c", line 1361: warning 618: Declaration of "stat64" not vis ible outside this function prototype scope. cc: "smbwrapper/smbw.c", line 1363: error 1530: Undefined struct or union. cc: "smbwrapper/smbw.c", line 1364: error 1530: Undefined struct or union. cc: "smbwrapper/smbw.c", line 1365: error 1530: Undefined struct or union. cc: "smbwrapper/smbw.c", line 1366: error 1530: Undefined struct or union. cc: "smbwrapper/smbw.c", line 1367: error 1530: Undefined struct or union. cc: "smbwrapper/smbw.c", line 1368: error 1530: Undefined struct or union. cc: "smbwrapper/smbw.c", line 1369: error 1530: Undefined struct or union. cc: "smbwrapper/smbw.c", line 1370: error 1530: Undefined struct or union. cc: "smbwrapper/smbw.c", line 1371: error 1530: Undefined struct or union. cc: "smbwrapper/smbw.c", line 1372: error 1530: Undefined struct or union. cc: "smbwrapper/smbw.c", line 1373: error 1530: Undefined struct or union. cc: "smbwrapper/smbw.c", line 1374: error 1530: Undefined struct or union. cc: "smbwrapper/smbw.c", line 1375: error 1530: Undefined struct or union. *** Error exit code 1 Stop. But configure runs fine ... -- Ken From tridge at samba.anu.edu.au Sat Oct 17 17:27:59 1998 From: tridge at samba.anu.edu.au (Andrew Tridgell) Date: Tue Dec 2 02:24:35 2003 Subject: FYI: cvs under redhat possible security concern... In-Reply-To: (message from Luke Kenneth Casson Leighton on Thu, 15 Oct 1998 16:05:00 +1000) References: Message-ID: <19981017172803Z12670500-482+1060@samba.anu.edu.au> The permissions problem is probably a bug in older versions of CVS. Get vers 1.10.1 or later. I tested this with a current version of CVS and the permissions are fine. It could also be a umask problem, but I think it's worthwhile using a current version of CVS anyway. Cheers, Tridge From mathewss at nutech.com Sat Oct 17 19:30:11 1998 From: mathewss at nutech.com (Sean Mathews) Date: Tue Dec 2 02:24:35 2003 Subject: No subject Message-ID: Compiling lib/bitmap.c with -fpic Compiling lib/crc32.c with -fpic Linking shared library bin/smbwrapper.so ld: No reference to __DYNAMIC make: *** [bin/smbwrapper.so] Error 1 just did a cvs today got this error any ideas? Regards Sean Mathews Nu Tech CTO struct SoftwareProfessional { double salary; long lunches; float jobs; char unstable; void work; short tempers; }; From mathewss at nutech.com Sat Oct 17 21:02:23 1998 From: mathewss at nutech.com (Sean Mathews) Date: Tue Dec 2 02:24:35 2003 Subject: __DYNAMIC problem fixed In-Reply-To: Message-ID: Ok i found a fix but not sure how it effects the current stuff so someone may need to modify a .config script or something i had to do this to my Makefile bin/smbwrapper.so: $(PICOBJS) @echo Linking shared library $@ @$(LD) -shared -Bshareable -o $@ $(PICOBJS) $(LIBS) i added -Bshareable here is my os info cloudy:source {113} uname -a NetBSD cloudy 1.3 NetBSD 1.3 (cloudy0197) #3: Sat Jan 17 16:10:34 PST 1998 raven@cloudy:/usr/src/sys/arch/i386/compile/cloudy0197 i386 cloudy:source {114} uptime 1:59PM up 230 days, 11:38, 6 users, load averages: 0.22, 0.52, 0.73 anything else i can provide on demand.. Regards On Sun, 18 Oct 1998, Sean Mathews wrote: > > Compiling lib/bitmap.c with -fpic > Compiling lib/crc32.c with -fpic > Linking shared library bin/smbwrapper.so > ld: No reference to __DYNAMIC > make: *** [bin/smbwrapper.so] Error 1 > > just did a cvs today got this error any ideas? > > > > Regards > Sean Mathews Nu Tech CTO > > struct SoftwareProfessional { > double salary; > long lunches; > float jobs; > char unstable; > void work; > short tempers; > }; > > > > > > From mathewss at nutech.com Sat Oct 17 21:13:52 1998 From: mathewss at nutech.com (Sean Mathews) Date: Tue Dec 2 02:24:35 2003 Subject: Just a simple question.. In-Reply-To: Message-ID: Under NT Server manager why is it that i can dbl click on my NT 3.51 system and pull up the "Properties of xxx" window but on my NT 4.0 boxes i cant? is there some password patch or somting i need to do to my 4.0 boxes? or is it some kinda of security problem? On nt 4.0 i seem to get "Access Denied" window Regards Sean Mathews Nu Tech CTO struct SoftwareProfessional { double salary; long lunches; float jobs; char unstable; void work; short tempers; }; From MATHOG at seqaxp.bio.caltech.edu Sat Oct 17 23:06:23 1998 From: MATHOG at seqaxp.bio.caltech.edu (MATHOG@seqaxp.bio.caltech.edu) Date: Tue Dec 2 02:24:35 2003 Subject: users can create in /temp, but not delete Message-ID: <981017160623.20208c82@seqaxp.bio.caltech.edu> Domain users can create files in C:\TEMP, but cannot delete them. This is for 1.9.19 alpha (yes, I know 2.0.x alpha is current, but I've never been able to make that work for NT logins with our NT 4 workstations and our new Linux server, so I'm stuck at 1.9.19 running on an SGI.) The ownership on all files created by domain users are "Account Unknown", and all such files have protections: Everybody FULL. So you'd think that anybody could delete them - but you'd be wrong. An attempt to move such a file to the trash results in: Cannot delete : Access is denied. Make sure this disk is not full or write protected and that the file is not currently in use. An attempt to grab ownership of such a file (from an domain account served from the Samba 1.9.19 server) was a VERY bad idea. It blew the desktop away and jammed the "properties -> security" window which was open. The only way out was ctrl-alt-del and logout. Oddly these files can be renamed, just not deleted. The administrator account on the workstation can delete the files with no problems. I don't know if this is related, but in the event viewer, all of the users from the domain just show up as numbers. It would be nice if they came up as "DOMAIN\joe_user", but the number is better than nothing. One unrelated question. If you move a bunch of NT workstations from one Samba domain controller to another, should you set the MACHINE SID's of the two controllers to be the same? If you don't, will the NT workstations refuse to be logged in from the new Samba controller? I ask, because that's what I see when I try to move mine, and I recall that there was something like this for NT Server running as a domain controller. Thanks, David Mathog mathog@seqaxp.bio.caltech.edu Manager, sequence analysis facility, biology division, Caltech From jerry at Eng.Auburn.EDU Sun Oct 18 00:43:40 1998 From: jerry at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:35 2003 Subject: Just a simple question.. In-Reply-To: References: Message-ID: <3.0.5.32.19981017194340.0091d620@pophost.eng.auburn.edu> At 07:16 AM 10/18/98 +1000, Sean Mathews wrote: > > Under NT Server manager why is it that i can dbl click >on my NT 3.51 system and pull up the "Properties of xxx" >window but on my NT 4.0 boxes i cant? is there some >password patch or somting i need to do to my 4.0 boxes? >or is it some kinda of security problem? > On nt 4.0 i seem to get "Access Denied" window Going to guess that is has to do with the guest account being disabled by default on NT4 machines and being enabled on 3.51 systems. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From jerry at Eng.Auburn.EDU Sun Oct 18 00:48:51 1998 From: jerry at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:35 2003 Subject: users can create in /temp, but not delete In-Reply-To: <981017160623.20208c82@seqaxp.bio.caltech.edu> Message-ID: <3.0.5.32.19981017194851.00916b50@pophost.eng.auburn.edu> At 09:11 AM 10/18/98 +1000, MATHOG@seqaxp.bio.caltech.edu wrote: >Domain users can create files in C:\TEMP, but cannot delete them. What are the permissions on c:\temp? >An attempt to grab ownership of such a file (from an domain account served >from the Samba 1.9.19 server) was a VERY bad idea. It blew the desktop >away and jammed the "properties -> security" window which was open. The >only way out was ctrl-alt-del and logout. Yup. It's being worked. I think it will have to do with the lsalookupname() and lsalookupsid() functionality. >I don't know if this is related, but in the event viewer, all of the >users from the domain just show up as numbers. It would be nice if they >came up as "DOMAIN\joe_user", but the number is better than nothing. Same deal as the previous comment. >One unrelated question. If you move a bunch of NT workstations from one >Samba domain controller to another, should you set the MACHINE SID's of the >two controllers to be the same? If you don't, will the NT workstations >refuse to be logged in from the new Samba controller? I ask, because >that's what I see when I try to move mine, and I recall that there was >something like this for NT Server running as a domain controller. In essence, then you just want to replace the domain controller. If you use the same SID for two domains, they will functionaly be the same. It's not just the SID, put the machine trust accounts as well that matter. Hope this helps, j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From MATHOG at seqaxp.bio.caltech.edu Sun Oct 18 01:03:11 1998 From: MATHOG at seqaxp.bio.caltech.edu (MATHOG@seqaxp.bio.caltech.edu) Date: Tue Dec 2 02:24:35 2003 Subject: users can create in /temp, but not delete Message-ID: <981017180311.20208c82@seqaxp.bio.caltech.edu> Thanks for the suggestion. The problem wasn't C:\Temp but C:\Recycler. The ownership on the latter was set to the regular (nonDomain) user who had set up that system. Changing protections Everybody:Read -> Everybody:Full fixed it. Thanks, David Mathog mathog@seqaxp.bio.caltech.edu Manager, sequence analysis facility, biology division, Caltech From ken.mohr at wdc.com Sun Oct 18 21:23:31 1998 From: ken.mohr at wdc.com (Ken Mohr) Date: Tue Dec 2 02:24:35 2003 Subject: Switching to DOMAIN Error Message-ID: Hello, I'm just curious if anyone has ran into this error while trying to switch your NT workstation to the new samba domain. Error: You already have a connection to the domain. You must disconnect before joining the domain. Samba runs as a wins server as well as the primary domain controller. I am switching the from a different workgroup to the domain. Any solutions? Thanks, Ken Mohr From smurf at smurfsoft.dauenhauer.de Sun Oct 18 22:32:54 1998 From: smurf at smurfsoft.dauenhauer.de (Christian Kumpf) Date: Tue Dec 2 02:24:35 2003 Subject: Switching to DOMAIN Error In-Reply-To: from "Ken Mohr" at Oct 19, 98 07:28:53 am Message-ID: <199810182232.AAA00745@smurfsoft.dauenhauer.de> A non-text attachment was scrubbed... Name: not available Type: text Size: 286 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/19981019/c7c55626/attachment.bat From mathewss at nutech.com Mon Oct 19 06:14:03 1998 From: mathewss at nutech.com (Sean Mathews) Date: Tue Dec 2 02:24:35 2003 Subject: Just a simple question.. In-Reply-To: <3.0.5.32.19981017194340.0091d620@pophost.eng.auburn.edu> Message-ID: On Sun, 18 Oct 1998, Gerald Carter wrote: > At 07:16 AM 10/18/98 +1000, Sean Mathews wrote: > > > > Under NT Server manager why is it that i can dbl click > >on my NT 3.51 system and pull up the "Properties of xxx" > >window but on my NT 4.0 boxes i cant? is there some > >password patch or somting i need to do to my 4.0 boxes? > >or is it some kinda of security problem? > > On nt 4.0 i seem to get "Access Denied" window > > Going to guess that is has to do with the guest account > being disabled by default on NT4 machines and being > enabled on 3.51 systems. Ok i tried to enable the "Guest" account same situation. what can i do to determin where the problem lies? I figure if i can get this to fly and also i need to be able to view default shares like \\system\c$ but still cant. <-- Is it related? anyway any other ideas? Thanks for all yer help.. > > > > > > > j- > > > > > ________________________________________________________________________ > Gerald ( Jerry ) Carter > Engineering Network Services Auburn University > jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw > > "...a hundred billion castaways looking for a home." > - Sting "Message in a Bottle" ( 1979 ) > > > > > From cartegw at Eng.Auburn.EDU Mon Oct 19 11:38:50 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:35 2003 Subject: machine name entries References: <6375.9810160927@sun2.mcs.le.ac.uk> Message-ID: <362B24CA.AE4FF82F@eng.auburn.edu> J. A. Landamore wrote: > > Do I need to leave the machine_name entry in the password > table (nis+) after I have run smbpasswd to create the > machine_name$ entry in private/smbpasswd. If so could > someone please either explain briefly why, or point me to an > expanation. The descision to require machine accounts in /etc/passwd was after a long debate of how to ensure that the machine trust accounts had a unique uid. After the creation of the machine account in private/smbpasswd, the entry in /etc/passwd is no longer accessed but I would think it would be easier to leave them in there to prevent duplication. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From cartegw at Eng.Auburn.EDU Mon Oct 19 11:46:21 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:35 2003 Subject: problem with samba on a NT domain References: <36274123.A044EDD2@mygale.org> Message-ID: <362B268D.B8D5325A@eng.auburn.edu> Remy Bruno wrote: > > write on shares other make for me. The other can access the shares I > make to them if they have an account on my machine by using the login > and password of their account, but not with the login/password of > REZO. Could you send me your smb.conf file and what version of Samba you are running (or the date of your last CVS update)? Thanks, j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From heinig at hdz-ima.rwth-aachen.de Mon Oct 19 15:40:08 1998 From: heinig at hdz-ima.rwth-aachen.de (Gerald Heinig) Date: Tue Dec 2 02:24:35 2003 Subject: Samba-NTDOM with NIS+ Homes doesn't compile Message-ID: <362B5D58.16413795@hdz-ima.rwth-aachen.de> Hi all, Today's (October 19th) CVS of Samba with NIS+ homes, NIS+ passwords and automount options set won't compile. Here's the compiler diagnostics: Using FLAGS = -g -O2 -Iinclude -I./include -I./ubiqx -I./smbwrapper -DSMBLOGFILE="/var/samba/log.smb" -DNMBLOGFILE="/var/samba/log.nmb" -DCONFIGFILE="/etc/samba/smb.conf" -DLMHOSTSFILE="/etc/samba/lmhosts" -DSWATDIR="/opt/samba/swat" -DSBINDIR="/opt/samba/bin" -DLOCKDIR="/var/samba/locks" -DSMBRUN="/opt/samba/bin/smbrun" -DCODEPAGEDIR="/etc/samba/codepages" -DDRIVERFILE="/etc/samba/printers.def" -DBINDIR="/opt/samba/bin" -DHAVE_INCLUDES_H -DSMB_PASSWD="/opt/samba/bin/smbpasswd" -DSMB_PASSWD_FILE="/etc/samba/private/smbpasswd" Using LIBS = -lsocket -lnsl -ldl -lpam Compiling lib/util.c In file included from lib/util.c:26: /usr/include/rpcsvc/nis.h:518: warning: `GROUP' redefined /usr/include/sys/acl.h:26: warning: this is the location of the previous definition In file included from lib/util.c:26: /usr/include/rpcsvc/nis.h:66: parse error before `(' *** Error code 1 make: Fatal error: Command failed for target `lib/util.o' Gerald From greg at discreet.com Mon Oct 19 17:06:04 1998 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:24:35 2003 Subject: Wierdness in LATEST CVS Makefile Message-ID: Hi, Maybe its just me but it seems like the @if ! test -f lines in the latest cvs makefile don't work as they should. I've tried with sgi make and gnumake and I just get !: Not found Of course when it tries to link it cannot find the .o files. Also compile/link options for IRIX 6.2 in smbsh are incorrect. Please email me for details if you are interested. Regards, Greg --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet logic Montreal (514) 954-7171 greg@discreet.com From lkcl at switchboard.net Mon Oct 19 18:30:02 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:35 2003 Subject: Wierdness in LATEST CVS Makefile In-Reply-To: Message-ID: it breaks for me with "mv failed", gcc (egcs 1.0.3) on slackware 3.4. On Tue, 20 Oct 1998, Greg Dickie wrote: > > Hi, > > > Maybe its just me but it seems like the @if ! test -f lines in the latest cvs > makefile don't work as they should. I've tried with sgi make and gnumake and I > just get > > !: Not found > > Of course when it tries to link it cannot find the .o files. > > Also compile/link options for IRIX 6.2 in smbsh are incorrect. > > Please email me for details if you are interested. > > Regards, > Greg > > > > --------------------------------------------------------------------- > Greg Dickie > Just A Guy* > *from discreet logic > Montreal > (514) 954-7171 > greg@discreet.com > > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From cartegw at Eng.Auburn.EDU Mon Oct 19 17:38:52 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:35 2003 Subject: Wierdness in LATEST CVS Makefile References: Message-ID: <362B792C.C066180E@eng.auburn.edu> Greg Dickie wrote: > > Hi, > > Maybe its just me but it seems like the @if ! test -f lines > in the latest cvs makefile don't work as they should. I've > tried with sgi make and gnumake and I just get > > !: Not found > > Of course when it tries to link it cannot find the .o files. > > Also compile/link options for IRIX 6.2 in smbsh are incorrect. Change the shell in the Makefile from /bin/sh to something like bash and it will work. The problem has been reported. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From lkcl at switchboard.net Mon Oct 19 18:36:34 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:35 2003 Subject: nt password change in samba Message-ID: ... has been added. this is a slightly more secure password change than the win95 version: it uses the previous nt hash to encrypt the new clear-text password instead of the win95 version using the lm hash. rpcclient has had an nt password change command for about... ten days, now. it negotiates "encrypted" sessions, which don't work on smbd yet (i'm on it, i'm on it!). at the very least, you can change your nt password from a unix command prompt now. rpcclient -S nt_server -W domain_name -U username Password: your_user's_password smb> ntpass New Password (only once - get it right! :-): new_user's_password smb> quit From greg at discreet.com Mon Oct 19 18:23:44 1998 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:24:35 2003 Subject: Wierdness in LATEST CVS Makefile In-Reply-To: <362B792C.C066180E@eng.auburn.edu> Message-ID: cheers. Greg On 19-Oct-98 Gerald Carter wrote: > Greg Dickie wrote: >> >> Hi, >> >> Maybe its just me but it seems like the @if ! test -f lines >> in the latest cvs makefile don't work as they should. I've >> tried with sgi make and gnumake and I just get >> >> !: Not found >> >> Of course when it tries to link it cannot find the .o files. >> >> Also compile/link options for IRIX 6.2 in smbsh are incorrect. > > Change the shell in the Makefile from /bin/sh to something like > bash and it will work. The problem has been reported. > > > > > > j- > ________________________________________________________________________ > Gerald ( Jerry ) Carter > Engineering Network Services Auburn University > jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw > > "...a hundred billion castaways looking for a home." > - Sting "Message in a Bottle" ( 1979 ) --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet logic Montreal (514) 954-7171 greg@discreet.com From tavis at mahler.econ.columbia.edu Mon Oct 19 18:36:41 1998 From: tavis at mahler.econ.columbia.edu (Tavis Barr) Date: Tue Dec 2 02:24:35 2003 Subject: nt password change in samba In-Reply-To: Message-ID: On Tue, 20 Oct 1998, Luke Kenneth Casson Leighton wrote: > .. has been added. this is a slightly more secure password change than > the win95 version: it uses the previous nt hash to encrypt the new > clear-text password instead of the win95 version using the lm hash. So does this mean we can now change the password on the NT boxes? Will it still not work for systems that don't compile with -DALLOW_CHANGE_PASSWORD? (I guess I'm being picky. Congratulations on getting this done). Thanks, Tavis From lkcl at switchboard.net Mon Oct 19 19:55:59 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:35 2003 Subject: nt password change in samba In-Reply-To: Message-ID: On Mon, 19 Oct 1998, Tavis Barr wrote: > > > On Tue, 20 Oct 1998, Luke Kenneth Casson Leighton wrote: > > > .. has been added. this is a slightly more secure password change than > > the win95 version: it uses the previous nt hash to encrypt the new > > clear-text password instead of the win95 version using the lm hash. > > So does this mean we can now change the password on the NT boxes? yes. the "domain" will have to be the local machine: rpcclient -S nt_wks_name -W nt_wks_name -U nt_local_account_name From peloy at ven.ra.rockwell.com Mon Oct 19 19:13:06 1998 From: peloy at ven.ra.rockwell.com (peloy@ven.ra.rockwell.com) Date: Tue Dec 2 02:24:35 2003 Subject: Wierdness in LATEST CVS Makefile References: Message-ID: <70g302$gkh$1@zeus.ven.ra.rockwell.com> Luke Kenneth Casson Leighton wrote: > it breaks for me with "mv failed", gcc (egcs 1.0.3) on slackware 3.4. Same here; I am using this small patch and everything works fine: --- Makefile.in.orig Mon Oct 19 09:15:44 1998 +++ Makefile.in Mon Oct 19 14:52:22 1998 @@ -269,9 +269,8 @@ dir=`echo $@ | sed 's,/[^/]*$$,,;s,^$$,.,'` $(MAKEDIR); fi @echo Compiling $*.c with @PICFLAG@ @$(CC) -I. -I$(srcdir) $(FLAGS) @PICFLAG@ -c $< - @if ! test -f $@; then mv `basename $@` $@; fi \ + @if ! test -f $@; then mv `basename $*.o` $@; fi \ @MAINT@ -Wp,-MD,.deps/`echo $* | sed s,/,_,g`.P && : >.deps/.stamp - @mv $@.o $@ # this is for IRIX .c.po32: @MAINT@ .deps/.dummy @@ -279,9 +278,8 @@ dir=`echo $@ | sed 's,/[^/]*$$,,;s,^$$,.,'` $(MAKEDIR); fi @echo Compiling $*.c with @PICFLAG@ and -32 @$(CC) -32 -I. -I$(srcdir) $(FLAGS) @PICFLAG@ -c $< - @if ! test -f $@; then mv `basename $@` $@; fi \ + @if ! test -f $@; then mv `basename $*.o` $@; fi \ @MAINT@ -Wp,-MD,.deps/`echo $* | sed s,/,_,g`.P && : >.deps/.stamp - @mv $@.o $@ bin/.dummy: @if (: >> $@ || : > $@) >/dev/null 2>&1; then :; else \ From cartegw at Eng.Auburn.EDU Mon Oct 19 19:29:24 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:35 2003 Subject: nt password change in samba References: Message-ID: <362B9314.F26D13EE@eng.auburn.edu> Luke Kenneth Casson Leighton wrote: > > > So does this mean we can now change the password on the NT boxes? > > yes. the "domain" will have to be the local machine: > > rpcclient -S nt_wks_name -W nt_wks_name -U nt_local_account_name To clarify, what luke is saying (i think) is that a large chunk of the puzzle has been solved. This does not mean that you can change you NT password from and NT box using the CTRL+ALT+DEL -> Change Password option. You can change your password using the rpcclient utility using the above commands. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From lkcl at switchboard.net Mon Oct 19 20:53:19 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:35 2003 Subject: nt password change in samba In-Reply-To: <362B9314.F26D13EE@eng.auburn.edu> Message-ID: On Tue, 20 Oct 1998, Gerald Carter wrote: > Luke Kenneth Casson Leighton wrote: > > > > > So does this mean we can now change the password on the NT boxes? > > > > yes. the "domain" will have to be the local machine: > > > > rpcclient -S nt_wks_name -W nt_wks_name -U nt_local_account_name > > To clarify, what luke is saying (i think) is that a large chunk > of the puzzle has been solved. This does not mean that you can change > you NT password from and NT box using the > > CTRL+ALT+DEL -> Change Password > > option. weeelll.... if i took out the (broken) encrypted dce/rpc code, or fixed it, then yes, you could. From Simon.Levitt at uk.worldpay.com Mon Oct 19 20:41:21 1998 From: Simon.Levitt at uk.worldpay.com (Simon Levitt) Date: Tue Dec 2 02:24:35 2003 Subject: Problem with USRMGR.exe Message-ID: <199810192041.VAA13061@mail.cam.uk.worldpay.com> I've been reading the messages about USRMGR.exe working correctly, and wondering why it doesn't here. I've been doing some digging and have traced the point at which our compiled version fails: Solaris 2.6 Samba CVS'd as of about 1hr ago. Stack trace from gdb: #0 0xef64655c in t_splay () #1 0xef6463cc in t_delete () #2 0xef645dac in realloc () #3 0xa3190 in Realloc (p=0x122148, size=4178) at lib/util.c:3159 #4 0x9c2b4 in mem_realloc_data (buf=0xfb318, new_size=3154) at lib/membuffer.c:255 #5 0x72828 in api_rpc_command (p=0xfda48, rpc_name=0xbe338 "api_samr_rpc", api_rpc_cmds=0xe1aac, data=0xeffff380) at rpc_server/srv_util.c:674 #6 0x728ec in api_rpcTNP (p=0xfda48, rpc_name=0xbe338 "api_samr_rpc", api_rpc_cmds=0xe1aac, data=0xeffff380) at rpc_server/srv_util.c:695 #7 0x6fa90 in api_samr_rpc (p=0xfda48, data=0xeffff380) at rpc_server/srv_samr.c:1452 #8 0x724ec in api_pipe_request (p=0xfda48, pd=0xeffff380) at rpc_server/srv_util.c:572 #9 0x725d8 in rpc_command (p=0xfda48, pd=0xeffff380) at rpc_server/srv_util.c:608 #10 0x35b00 in api_fd_reply (conn=0xeffff380, vuid=100, outbuf=0x10ff09 "", setup=0x26, data=0xfcf30 "\005", params=0x0, suwcnt=2, tdscnt=60, tpscnt=0, mdrcnt=1024, mprcnt=0) at smbd/ipc.c:3236 #11 0x36274 in named_pipe (conn=0xfceb0, vuid=100, outbuf=0x10ff09 "", name=0xeffff4d6 "", setup=0xff1c8, data=0xfcf30 "\005", params=0x0, suwcnt=2, tdscnt=60, tpscnt=0, msrcnt=0, mdrcnt=1024, mprcnt=0) at smbd/ipc.c:3458 #12 0x369c8 in reply_trans (conn=0xfceb0, inbuf=0xffb01 "", outbuf=0x10ff09 "", size=0, bufsize=61440) at smbd/ipc.c:3597 #13 0x53368 in switch_message (type=9, inbuf=0xffb01 "", outbuf=0x10ff09 "", size=140, bufsize=61440) at smbd/process.c:489 #14 0x533f4 in construct_reply (inbuf=0xffb01 "", outbuf=0x10ff09 "", size=140, bufsize=61440) at smbd/process.c:522 #15 0x535b4 in process_smb (inbuf=0xffb01 "", outbuf=0x10ff09 "") at smbd/process.c:592 #16 0x53f28 in smbd_process () at smbd/process.c:936 #17 0x25c38 in main (argc=0, argv=0xeffffc14) at smbd/server.c:713 Does this give anyone any bright ideas? The only oddity I've found is that buf->data and p don't match across the function call to Realloc - but that could be caused by the crash... (removing -O2 from the compilation doesn't help either). Simon., ----------------------------------------------------------------------- Simon Levitt, Consultant/Software Engineer @ WorldPay Ltd., Orwell House, Cowley Road, Cambridge, CB4 4WY, ENGLAND. Simon.Levitt@uk.worldpay.com Ph:+44(0)1223 715151 F:+44(0)1223 715157 ----------------------- http://www.worldpay.com/ ---------------------- From lkcl at switchboard.net Mon Oct 19 22:40:38 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:35 2003 Subject: Problem with USRMGR.exe In-Reply-To: <199810192041.VAA13061@mail.cam.uk.worldpay.com> Message-ID: simon, how many users do you have? can you find out which samr command it is failing on by looking at log.smb or using gdb? i need to know the "opnum".\ btw the static structure in one of the samr calls copes only with about 24 or so users (MAX_SAMR_xxx) luke From jal at mcs.le.ac.uk Tue Oct 20 14:27:50 1998 From: jal at mcs.le.ac.uk (J. A. Landamore) Date: Tue Dec 2 02:24:35 2003 Subject: Is this list archived? Message-ID: <9560.9810201427@sun2.mcs.le.ac.uk> A non-text attachment was scrubbed... Name: not available Type: text Size: 399 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/19981020/e6be12c0/attachment.bat From william at hae.com Tue Oct 20 14:51:20 1998 From: william at hae.com (William Stuart) Date: Tue Dec 2 02:24:35 2003 Subject: Is this list archived? In-Reply-To: <9560.9810201427@sun2.mcs.le.ac.uk> Message-ID: http://samba.anu.edu.au/listproc --- William Stuart (william@hae.com) "Don't rush me sonny. You rush a miracle man you get rotten miracles." --Miracle Max, "The Princess Bride" On Wed, 21 Oct 1998, J. A. Landamore wrote: > Date: Wed, 21 Oct 1998 00:33:15 +1000 > From: J. A. Landamore > To: Multiple recipients of list > Subject: Is this list archived? > > Time for the red face of embarrassment, are e-mails to this list archived > anywhere? I have a question, the answer to which was posted about 10 days ago. > However my local copy of samba-ntdom got trashed well and truly earlier today. > Yes I can (hopefully :-) recover it from the backup tapes but to be honest it is > a pain I could do without if they are archived. > > Yours in hope > > John Landamore > From lkcl at switchboard.net Tue Oct 20 17:21:17 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:35 2003 Subject: Problem with USRMGR.exe In-Reply-To: <199810192041.VAA13061@mail.cam.uk.worldpay.com> Message-ID: On Tue, 20 Oct 1998, Simon Levitt wrote: > I've been reading the messages about USRMGR.exe working correctly, and > wondering why it doesn't here. I've been doing some digging and have > traced the point at which our compiled version fails: > #3 0xa3190 in Realloc (p=0x122148, size=4178) at lib/util.c:3159 > #4 0x9c2b4 in mem_realloc_data (buf=0xfb318, new_size=3154) > at lib/membuffer.c:255 this size (3154) is probably a bit too large, so i've liberally sprinkled "prs_grow(ps)" calls around the place. try it now (cvs update). From Simon.Levitt at uk.worldpay.com Tue Oct 20 18:02:22 1998 From: Simon.Levitt at uk.worldpay.com (Simon Levitt) Date: Tue Dec 2 02:24:35 2003 Subject: Problem with USRMGR.exe In-Reply-To: References: <199810192041.VAA13061@mail.cam.uk.worldpay.com> Message-ID: <199810201802.TAA17875@mail.cam.uk.worldpay.com> Luke Kenneth Casson Leighton wrote on 21 Oct 98, (2:26): > this size (3154) is probably a bit too large, so i've liberally sprinkled > "prs_grow(ps)" calls around the place. try it now (cvs update). > Well blow me if I can now get a list of users!... The immediately obvious problem I can see is that some user details are being duplicated. I've got entries repeated twice, three times, and one four times - with no decernable(sp!) pattern to it! I'm presuming the Groups stuff shouldn't work at this time. Cheers, we're making progress!... Simon., ----------------------------------------------------------------------- Simon Levitt, Consultant/Software Engineer @ WorldPay Ltd., Orwell House, Cowley Road, Cambridge, CB4 4WY, ENGLAND. Simon.Levitt@uk.worldpay.com Ph:+44(0)1223 715151 F:+44(0)1223 715157 ----------------------- http://www.worldpay.com/ ---------------------- From lkcl at switchboard.net Tue Oct 20 19:16:49 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:35 2003 Subject: Problem with USRMGR.exe In-Reply-To: <199810201802.TAA17875@mail.cam.uk.worldpay.com> Message-ID: On Wed, 21 Oct 1998, Simon Levitt wrote: > Luke Kenneth Casson Leighton wrote on 21 Oct 98, (2:26): > > > this size (3154) is probably a bit too large, so i've liberally sprinkled > > "prs_grow(ps)" calls around the place. try it now (cvs update). > > > Well blow me if I can now get a list of users!... whoopiteedoo. > The immediately obvious problem I can see is that some user details are > being duplicated. I've got entries repeated twice, three times, and one > four times - with no decernable(sp!) pattern to it! hum. i wonder... can you send me a (probably large) log.smb output of the 0x28 samr call? from the request, right through the pretty-print output of the samr_query_dispinfo call.. that should do it. actually, probably just the pretty-print output would do. > I'm presuming the Groups stuff shouldn't work at this time. correct. that's my next task (other than the encrypted rpcs). From dkrovich at wvu.edu Tue Oct 20 18:24:48 1998 From: dkrovich at wvu.edu (David Krovich) Date: Tue Dec 2 02:24:35 2003 Subject: NIS+ smbpasswd table Message-ID: Has anyone considered making an NIS+ table that would essentially contain the same fields that are stored in the smbpasswd file? One benefit I can see from this, is that you can then delegate administrative control of that table the same way NIS+ lets you delegate adminstrative control to the namespace. I'm also debating the benefits of sharing this table to different machines on the network. With this setup, you could run multiple Samba NT-domains authenticating to the same NIS+ database. The thing is, I can't figure why this would be a good idea, and I got a h eadache thinking about it... Once I get over my headache, I'll try and think more about it. From lkcl at switchboard.net Tue Oct 20 20:08:56 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:35 2003 Subject: NIS+ smbpasswd table In-Reply-To: Message-ID: On Wed, 21 Oct 1998, David Krovich wrote: > Has anyone considered making an NIS+ table that would essentially > contain the same fields that are stored in the smbpasswd file? yes. passdb/nisp.c From william at hae.com Tue Oct 20 19:59:17 1998 From: william at hae.com (William Stuart) Date: Tue Dec 2 02:24:35 2003 Subject: SWAT Auth trouble Message-ID: Running cvs main branch as of 10/20/98, 1:30 PST (8am in Oz, I guess). I can't authenticate to SWAT. OS: RH5.1 Browser: Netscape and Lynx Compile: No errors Kernel: 2.0.34 --- William Stuart (william@hae.com) "Don't rush me sonny. You rush a miracle man you get rotten miracles." --Miracle Max, "The Princess Bride" From lkcl at switchboard.net Tue Oct 20 23:23:58 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:35 2003 Subject: cvs update recommended Message-ID: anyone who has done a cvs update in the last few hours is recommended to do another one, to get a fix for a bug in smbd/ipc.c. luke From lkcl at switchboard.net Wed Oct 21 00:48:49 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:35 2003 Subject: nt password changing now works. Message-ID: ok. i got encrypted rpcs in smbd working, tested with "small", i.e only one dce/rpc fragment. i've yet to see an encrypted rpc large enough to fit into more than one dce/rpc fragment. although, i could set the fragment size to something bizarre and small.... hm. ok. testing against a workstation logged in to a samba domain... ctrl-alt-del | change password... password change works! oh yeah! i tried testing earlier by typing in the domain name, i got a UDP SAMLOGON query which i had to fix by always putting the unicode data at the end of the response, but to no avail. it forces an SMBtrans2 password change _not_ a \PIPE\samr one. wierd. there must be something else in there. so, to recap, in one sentence: password changing for nt workstations that are a member of a samba domain now works. luke From greg at discreet.com Wed Oct 21 01:50:31 1998 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:24:35 2003 Subject: Domain admin users Message-ID: Hi, I'm not sure if this is supposed to work yet so forgive me if I'm jumping the gun. How do I declare a Domain administrator on my samba PDC and can I add the domain admins to the Administrators group on each machine and have it work? Also on a completely unrelated note, if I'm in a domain it seems like I cannot browse any of the other samba machines even if they use the samba PDC as a password server. Does this sound right? I'm seeing alot of messages about the NT password not being correct, using LanMan in the logs. Keep up the great work it is most excellent! Even smbsh compiles on IRIX 6.2 now, I'll have to figure out how to use it. Cheers, Greg ---------------------------------- Greg Dickie just a guy* *from Discreet Logic ---------------------------------- From D.Bannon at latrobe.edu.au Wed Oct 21 02:35:17 1998 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:24:35 2003 Subject: nt password changing now works. In-Reply-To: Message-ID: <3.0.3.32.19981021123517.00745fd8@bioserve.biochem.latrobe.edu.au> At 10:02 AM 21/10/1998 +1000, Luke Kenneth Casson Leighton wrote: > >ok. testing against a workstation logged in to a samba domain... >ctrl-alt-del | change password... password change works! oh yeah! > Sure does ! Thats great. I notice that the /etc/passwd passwd has not changed, its not used at all now (by samba) ? Its really great work, thanks Luke ! David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From svedja at lysator.liu.se Wed Oct 21 10:36:57 1998 From: svedja at lysator.liu.se (Dejan Ilic) Date: Tue Dec 2 02:24:35 2003 Subject: NT4 service pack 4 Message-ID: For those of you that didn't know SP4 is out. Have anybody had the guts to test it against samba ? http://www.microsoft.com/ntserver/nts/downloads/recommended/NT4SvcPk4/default.asp Dejan From svedja at lysator.liu.se Wed Oct 21 11:21:08 1998 From: svedja at lysator.liu.se (Dejan Ilic) Date: Tue Dec 2 02:24:35 2003 Subject: NT4 service pack 4 In-Reply-To: <362DBFD1.6E229DC7@student.unsw.edu.au> Message-ID: Yes, I just saw that the link is "broken" and points back to SP3. Sorry for the inconvience. Newspapers in Sweden says that SP4 is delayed until sometimes this week. But the "whats new" information is quite interesting reading. Some of those things will probably make problems with Samba. Anybody with knowledge who can comment ? Dejan On Wed, 21 Oct 1998, Matt Chapman wrote: > Dejan Ilic wrote: > > > For those of you that didn't know SP4 is out. Have anybody had the > > guts to test it against samba ? > > > > http://www.microsoft.com/ntserver/nts/downloads/recommended/NT4SvcPk4/default.asp > > > > Where is it? I can't seem to find the actual Service Pack anywhere. > > Matt > > > -- > Matt Chapman > E-mail: mattyc@cyberdude.com > > > > ===================================================================== Dejan Ilic, Tech Univ. of Linkoping, Sweden Phone:+46-13-473 01 06 Email: svedja@lysator.liu.se Web: http://www.lysator.liu.se/~svedja ===================================================================== [finger -l svedja@lysator.liu.se for public PGP key] From dave at www.buffalostate.edu Wed Oct 21 13:09:26 1998 From: dave at www.buffalostate.edu (Dave J. Andruczyk) Date: Tue Dec 2 02:24:35 2003 Subject: NT4 service pack 4 In-Reply-To: Message-ID: > For those of you that didn't know SP4 is out. Have anybody had the > guts to test it against samba ? > > http://www.microsoft.com/ntserver/nts/downloads/recommended/NT4SvcPk4/default.asp unfortuanetly micro$oft's links are broken, and they take you to the SP3 download pages.. :) dave From mblack at csi.cc Wed Oct 21 15:03:40 1998 From: mblack at csi.cc (Mike Black) Date: Tue Dec 2 02:24:35 2003 Subject: nt password changing now works. Message-ID: <027a01bdfd03$fd348a10$32de11cc@mblack.csihq.com> Quick question on this...how does this synchronize with /etc/passwd??? Would like to allow the NT users to change their Unix password using their NT workstations. -----Original Message----- From: Luke Kenneth Casson Leighton To: Multiple recipients of list Date: Tuesday, October 20, 1998 8:04 PM Subject: nt password changing now works. ok. i got encrypted rpcs in smbd working, tested with "small", i.e only one dce/rpc fragment. i've yet to see an encrypted rpc large enough to fit into more than one dce/rpc fragment. although, i could set the fragment size to something bizarre and small.... hm. ok. testing against a workstation logged in to a samba domain... ctrl-alt-del | change password... password change works! oh yeah! i tried testing earlier by typing in the domain name, i got a UDP SAMLOGON query which i had to fix by always putting the unicode data at the end of the response, but to no avail. it forces an SMBtrans2 password change _not_ a \PIPE\samr one. wierd. there must be something else in there. so, to recap, in one sentence: password changing for nt workstations that are a member of a samba domain now works. luke From amol at memcad.com Wed Oct 21 15:17:04 1998 From: amol at memcad.com (Amol Karnik) Date: Tue Dec 2 02:24:36 2003 Subject: nt password changing now works. References: Message-ID: <362DFAF0.B6AE9E23@memcad.com> umm i tried this after doing an update today morning, and it doesnt work for me. details : cvs code : latest ( did a cvs update, cvs -t update) did an rm -rf and a ./configure with no option other than --prefix and did a make samba is running on solaris2.5.1 with latest patches samba is logon server, wins server. profiles are roaming profiles stored on the samba server. client is NT4.0 workstation with service pack 3 domain logon works perfect. profiles are downloaded perfectly. (there are no local accounts) i did a c-a-d and change passwd, but it returns saying "the user name or old password is incorrect. letters in password must be typed using the correct case. make sure that caps lock is not accidently on" when i compiled i did notice the following warnings : =========================== Compiling smbd/chgpasswd.c "smbd/chgpasswd.c", line 638: warning: argument #1 is incompatible with prototype: prototype: pointer to char : "include/proto.h", line 511 argument : pointer to uchar Compiling smbd/connection.c Compiling smbd/dfree.c Compiling smbd/dir.c Compiling smbd/password.c Compiling smbd/conn.c Compiling smbd/fileio.c Compiling smbd/ipc.c "smbd/ipc.c", line 1735: warning: argument #3 is incompatible with prototype: prototype: pointer to uchar : "include/proto.h", line 2024 argument : pointer to char Compiling smbd/mangle.c ..... .... Compiling smbd/open.c "smbd/open.c", line 578: warning: integer overflow detected: op "<<" ... ... Compiling rpc_parse/parse_samr.c "rpc_parse/parse_samr.c", line 2737: warning: syntax error: empty declaration ..... ..... Compiling lib/util.c "lib/util.c", line 4392: warning: integer overflow detected: op "<<" "lib/util.c", line 4405: warning: integer overflow detected: op "<<" ... ... Compiling lib/util.c with -Kpic "lib/util.c", line 4392: warning: integer overflow detected: op "<<" "lib/util.c", line 4405: warning: integer overflow detected: op "<<" ========================== a relevant part of the log.machine$ file with a debug level of 10 is shown below ===================== [1998/10/21 11:08:25, 5] passdb/smbpass.c:(252) getsmbfilepwent: returning passwd entry for user amol, uid 227 [1998/10/21 11:08:25, 10] passdb/passdb.c:(146) found by name: amol [1998/10/21 11:08:25, 7] passdb/smbpass.c:(81) endsmbfilepwent: closed password file. [1998/10/21 11:08:25, 0] smbd/chgpasswd.c:(680) check_oem_password: incorrect password length (-663635885). [1998/10/21 11:08:25, 5] rpc_parse/parse_samr.c:(2776) make_r_chgpasswd_user [1998/10/21 11:08:25, 5] rpc_parse/parse_prs.c:(36) 000000 samr_io_r_chgpasswd_user [1998/10/21 11:08:25, 5] rpc_parse/parse_prs.c:(139) 2ca6f8 status: c000006a [1998/10/21 11:08:25, 5] rpc_server/srv_samr.c:(750) samr_chgpasswd_user: 750 [1998/10/21 11:08:25, 10] rpc_server/srv_util.c:(755) called api_samr_rpc [1998/10/21 11:08:25, 5] rpc_server/srv_util.c:(175) create_rpc_reply: data_start: 0 data_end: 4 max_tsize: 5680 [1998/10/21 11:08:25, 5] rpc_parse/parse_prs.c:(36) 000000 smb_io_rpc_hdr hdr [1998/10/21 11:08:25, 5] rpc_parse/parse_prs.c:(111) 272a10 major : 05 [1998/10/21 11:08:25, 5] rpc_parse/parse_prs.c:(111) [1998/10/21 11:08:35, 5] smbd/uid.c:(343) unbecome_user now uid=(0,0) gid=(0,0) [1998/10/21 11:09:25, 6] param/loadparm.c:(1743) lp_file_list_changed() file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf last mod_time: Tue Oct 20 15:22:06 1998 ========================================= btw, you guys are doing a great job. keep it up folks. your work does not go unappreciated. regards, amol Luke Kenneth Casson Leighton wrote: > > ok. > > i got encrypted rpcs in smbd working, tested with "small", i.e only one > dce/rpc fragment. i've yet to see an encrypted rpc large enough to fit > into more than one dce/rpc fragment. although, i could set the fragment > size to something bizarre and small.... hm. > > ok. testing against a workstation logged in to a samba domain... > ctrl-alt-del | change password... password change works! oh yeah! > > i tried testing earlier by typing in the domain name, i got a UDP SAMLOGON > query which i had to fix by always putting the unicode data at the end of > the response, but to no avail. it forces an SMBtrans2 password change > _not_ a \PIPE\samr one. wierd. there must be something else in there. > > so, to recap, in one sentence: password changing for nt workstations that > are a member of a samba domain now works. > > luke From smurf at proxima.dauenhauer.de Wed Oct 21 15:42:23 1998 From: smurf at proxima.dauenhauer.de (Christian Kumpf) Date: Tue Dec 2 02:24:36 2003 Subject: nt password changing now works. In-Reply-To: <027a01bdfd03$fd348a10$32de11cc@mblack.csihq.com> from "Mike Black" at Oct 22, 98 01:05:48 am Message-ID: <199810211542.RAA14248@proxima.dauenhauer.de> A non-text attachment was scrubbed... Name: not available Type: text Size: 688 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/19981021/4a6c53d7/attachment.bat From lkcl at switchboard.net Wed Oct 21 17:07:30 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:36 2003 Subject: nt password changing now works. In-Reply-To: <3.0.3.32.19981021123517.00745fd8@bioserve.biochem.latrobe.edu.au> Message-ID: On Wed, 21 Oct 1998, David Bannon wrote: > At 10:02 AM 21/10/1998 +1000, Luke Kenneth Casson Leighton wrote: > > > >ok. testing against a workstation logged in to a samba domain... > >ctrl-alt-del | change password... password change works! oh yeah! > > > > Sure does ! Thats great. I notice that the /etc/passwd passwd has not > changed, its not used at all now (by samba) ? put "unix password sync = yes" in smb.conf. > Its really great work, thanks Luke ! remember, guys, that this has a tendency to fall back on the "SMBtrans2" password change, i don't yet know why. so please don't think it's exactly the same behaviour as an nt server... yet :) From lkcl at switchboard.net Wed Oct 21 17:23:58 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:36 2003 Subject: nt password changing now works. In-Reply-To: <199810211542.RAA14248@proxima.dauenhauer.de> Message-ID: On Thu, 22 Oct 1998, Christian Kumpf wrote: > Hi, > > > Quick question on this...how does this synchronize with /etc/passwd??? > > Would like to allow the NT users to change their Unix password using their > > NT workstations. > > as far I understand the differences between NT and UNIX authentication, this > is impossible! > > The NT boxes (and hence samba) allways send encrypted passwords (encrypted > with NT password algorithm). The UNIX boxes expect cleartext passwords and > do a crypt()-call before storage in /etc/passwd and before comparing. hee hee hee. christian, the nt password change and the win95 password change send you the new password in clear-text, encrypted with the old nt hash or old lm hash. so yes, it is possible... From william at hae.com Wed Oct 21 17:46:48 1998 From: william at hae.com (William Stuart) Date: Tue Dec 2 02:24:36 2003 Subject: nt password changing now works. In-Reply-To: Message-ID: On Thu, 22 Oct 1998, Luke Kenneth Casson Leighton wrote: [...schnipp...] > hee hee hee. christian, the nt password change and the win95 password > change send you the new password in clear-text, encrypted with the old nt > hash or old lm hash. > > so yes, it is possible... > > That's not just security, that's MICROSOFT Security! Congratulations to Luke, Andrew, Jeremy, Gerald, Jean-Francois, Alexandre and the rest SAMBA team for all their hard work and another significant milestone reached! --- William Stuart (william@hae.com) "Don't rush me sonny. You rush a miracle man you get rotten miracles." --Miracle Max, "The Princess Bride" From lkcl at switchboard.net Wed Oct 21 19:05:17 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:36 2003 Subject: Problem with USRMGR.exe In-Reply-To: Message-ID: ok, i just added "start index" skipping: multiple querydispinfo calls can be received. duplicate entries should now not occur. From lharold at mrc.uidaho.edu Wed Oct 21 18:34:35 1998 From: lharold at mrc.uidaho.edu (Len Harold) Date: Tue Dec 2 02:24:36 2003 Subject: Config Error in latest CVS? Message-ID: <199810211834.LAA02658@hydra.mrc.uidaho.edu> Guys, I am anxiously wanting to test the new code but running configure on an HP9000/D380 running a heavily patched HP-UX 10.20 fails with the message: ERROR: No locking available. Running Samba would be unsafe Looking back through the messages I see: ... checking for sys/fcntl.h... yes . checking for fcntl.h... yes ... checking for _fcntl... yes checking for __fcntl... no ... checking for fcntl locking... no checking for 64 bit fcntl locking... no ... So it is finding the header files but not parsing them correctly. Here is a small part of /usr/include/sys/fcntl.h: /* $Header: fcntl.h,v 1.30.98.12 98/02/18 06:24:10 dianes Exp $ */ /* * @(#)fcntl.h $Date: 98/02/18 06:24:10 $ $Revision: 1.30.98.12 $ PATCH_10.20 (PHKL_14173) */ ... #if !defined(_FILE64) # define F_GETLK 5 /* Get file lock */ # define F_SETLK 6 /* Set file lock */ # define F_SETLKW 7 /* Set file lock and wait */ #else # define F_GETLK 8 /* FILE_OFFSET_BITS=64 name space */ # define F_SETLK 9 /* Map GET/SETLK to their 64-bit */ # define F_SETLKW 10 /* counter parts */ #endif /* !_FILE64 */ . #if defined(_LARGEFILE64_SOURCE) || defined(_KERNEL) # define F_GETLK64 8 /* 64-bit get file lock */ # define F_SETLK64 9 /* 64-bit set file lock */ # define F_SETLKW64 10 /* 64-bit set file lock and wait */ #endif /* _LARGEFILE64_SOURCE || _KERNEL */ That should be enough to prove that both types of file locking exists. The old configure scripts have always worked, unfortunately I don't have one around to diff against. The entire output from ./configure is listed below my sig. Feel free to email me for more info. thanks, Len -- ___ ___ ___ ________ ______ /| | /\ \ /| \|\ _ \/\ __\ Len Harold | | | \ \ - | \ \ \_\ /_ \ \_/ Systems Engineer | | \ \ \ \ _|\ \ \ _ \ \ \___ Phone: 208-885-7034 | | \ \ \__\/\ \__\ \__\ \__\ \_____\ Fax: 208-885-6840 | |* | \/__/ \/__/\/__/\/__/\/_____/ Email: len@mrc.uidaho.edu |/\ |/\ Web: www.mrc.uidaho.edu \/ \_/\ /| | Microelectronics Research | | | and Communications Institute | |____________| at the University of Idaho |/____________/ -- loading cache ./config.cache checking for gcc... no checking for cc... cc checking whether the C compiler (cc ) works... yes checking whether the C compiler (cc ) is a cross-compiler... no checking whether we are using GNU C... no checking for a BSD compatible install... /opt/imake/bin/install -c checking for mawk... no checking for gawk... no checking for nawk... no checking for awk... awk checking host system type... hppa1.0-hp-hpux10.20 checking target system type... hppa1.0-hp-hpux10.20 checking build system type... hppa1.0-hp-hpux10.20 checking config.cache system type... same checking for autoconf... autoconf checking for autoheader... autoheader checking whether cc accepts -fpic... no checking whether cc accepts -Kpic... no checking whether cc accepts -KPIC... no checking for inline... no checking how to run the C preprocessor... cc -E checking for ANSI C header files... yes checking for dirent.h that defines DIR... yes checking for opendir in -ldir... no checking whether time.h and sys/time.h may both be included... yes checking for sys/wait.h that is POSIX.1 compatible... yes checking for sys/fcntl.h... yes checking for sys/select.h... no checking for fcntl.h... yes checking for sys/time.h... yes checking for sys/unistd.h... yes checking for unistd.h... yes checking for utime.h... yes checking for grp.h... yes checking for sys/id.h... no checking for limits.h... yes checking for memory.h... yes checking for net/if.h... yes checking for compat.h... no checking for rpc/types.h... yes checking for rpc/xdr.h... yes checking for rpc/auth.h... yes checking for rpc/clnt.h... yes checking for rpcsvc/yp_prot.h... yes checking for rpcsvc/ypclnt.h... yes checking for sys/param.h... yes checking for ctype.h... yes checking for sys/wait.h... (cached) yes checking for sys/resource.h... yes checking for sys/ioctl.h... yes checking for sys/mode.h... no checking for sys/filio.h... no checking for string.h... yes checking for strings.h... yes checking for stdlib.h... yes checking for sys/socket.h... yes checking for sys/mount.h... yes checking for sys/vfs.h... yes checking for sys/fs/s5param.h... no checking for sys/filsys.h... yes checking for termios.h... yes checking for sys/statfs.h... no checking for sys/dustat.h... no checking for sys/statvfs.h... yes checking for stdarg.h... yes checking for sys/sockio.h... no checking for shadow.h... no checking for netinet/tcp.h... yes checking for sys/security.h... no checking for security/pam_appl.h... no checking for stropts.h... yes checking for poll.h... yes checking for readline.h... no checking for history.h... no checking for readline/readline.h... no checking for readline/history.h... no checking for sys/capability.h... no checking for syscall.h... yes checking for sys/syscall.h... yes checking for sys/acl.h... yes checking for sys/cdefs.h... no checking size of int... 4 checking size of long... 4 checking size of short... 2 checking for working const... no checking for inline... (cached) no checking whether byte ordering is bigendian... yes checking whether char is unsigned... no checking return type of signal handlers... void checking for uid_t in sys/types.h... yes checking for mode_t... yes checking for off_t... yes checking for size_t... yes checking for pid_t... yes checking for st_rdev in struct stat... yes checking for d_off in dirent... no checking for ino_t... yes checking for loff_t... no checking for offset_t... no checking for ssize_t... yes checking for errno in errno.h... yes checking for setresuid declaration... yes checking for crypt declaration... yes checking for real setresuid... yes checking for 8-bit clean memcmp... yes checking for crypt... yes checking for pam_authenticate... no checking for pam_authenticate in -lpam... no checking for connect... yes checking for waitpid... yes checking for getcwd... yes checking for strdup... yes checking for strerror... yes checking for chown... yes checking for chmod... yes checking for chroot... yes checking for fstat... yes checking for strchr... yes checking for utime... yes checking for utimes... yes checking for getrlimit... yes checking for fsync... yes checking for execl... yes checking for bzero... yes checking for memset... yes checking for memmove... yes checking for vsnprintf... yes checking for setsid... yes checking for glob... yes checking for strpbrk... yes checking for pipe... yes checking for crypt16... no checking for getauthuid... no checking for strftime... yes checking for sigprocmask... yes checking for sigblock... yes checking for sigaction... yes checking for innetgr... yes checking for initgroups... yes checking for select... yes checking for rdchk... no checking for getgrnam... yes checking for pathconf... yes checking for putprpwnam... no checking for setuidx... no checking for setgroups... yes checking for mktime... yes checking for rename... yes checking for ftruncate... yes checking for stat64... yes checking for fstat64... yes checking for lstat64... yes checking for set_auth_parameters... no checking for atexit... yes checking for grantpt... yes checking for getspnam... no checking for dup2... yes checking for lseek64... yes checking for ftruncate64... yes checking for fseek64... no checking for ftell64... no checking for bigcrypt... no checking for getprpwnam... no checking for setluid... no checking for yp_get_default_domain... yes checking for getpwanam... no checking for srandom... yes checking for random... yes checking for srand... yes checking for rand... yes checking for setenv... no checking for _dup... yes checking for _dup2... yes checking for _opendir... yes checking for _readdir... yes checking for _seekdir... yes checking for _telldir... yes checking for _closedir... yes checking for __dup... no checking for __dup2... no checking for __opendir... yes checking for __readdir... no checking for __seekdir... no checking for __telldir... no checking for __closedir... no checking for __getcwd... no checking for _getcwd... yes checking for __xstat... no checking for __fxstat... no checking for __lxstat... no checking for _stat... yes checking for _lstat... yes checking for _fstat... yes checking for __stat... no checking for __lstat... no checking for __fstat... no checking for _acl... no checking for __acl... no checking for _facl... no checking for __facl... no checking for _open... yes checking for __open... no checking for _chdir... yes checking for __chdir... no checking for _close... yes checking for __close... no checking for _fchdir... yes checking for __fchdir... no checking for _fcntl... yes checking for __fcntl... no checking for getdents... yes checking for _getdents... yes checking for __getdents... no checking for _lseek... yes checking for __lseek... no checking for _read... yes checking for __read... no checking for _write... yes checking for __write... no checking for _fork... yes checking for __fork... no checking for _stat64... no checking for __stat64... yes checking for _fstat64... no checking for __fstat64... yes checking for _lstat64... no checking for __lstat64... yes checking for __sys_llseek... no checking for llseek... no checking for _llseek... no checking for __llseek... no checking for readdir64... no checking for _readdir64... no checking for __readdir64... no checking for pread... no checking for _pread... no checking for __pread... no checking for pread64... no checking for _pread64... no checking for __pread64... no checking for pwrite... no checking for _pwrite... no checking for __pwrite... no checking for pwrite64... no checking for _pwrite64... no checking for __pwrite64... no checking for open64... yes checking for _open64... no checking for __open64... yes checking for creat64... yes checking for long long... yes checking for 64 bit off_t... no checking for off64_t... no checking for 64 bit ino_t... no checking for ino64_t... no checking for union semun... no checking for unsigned char... no checking for sin_len in sock... no checking whether seekdir returns void... no checking for __FILE__ macro... yes checking for __FUNCTION__ macro... no checking if gettimeofday takes tz argument... yes checking for broken readdir... no checking for utimbuf... yes checking for kernel oplock type definitions... no checking for irix specific capabilities... no checking for test routines... yes checking for ftruncate extend... yes checking for broken getgroups... no checking whether getpass should be replaced... no checking for broken inet_ntoa... no checking for root... no checking for netmask ifconf... no checking for netmask ifreq... no checking for netmask AIX... no checking for trapdoor seteuid... yes checking for shared mmap... yes checking for fcntl locking... no checking for 64 bit fcntl locking... no checking for sysv ipc... yes checking whether to use AFS... no checking whether to use DFS auth... no checking whether to use Kerberos IV... no checking whether to use AUTOMOUNT... no checking whether to use SMBMOUNT... no checking whether to use LDAP password database... no checking whether to use NISPLUS password database... no checking whether to use NISPLUS_HOME... no checking whether to use SSL... no checking whether to use MMAP... no checking whether to use syslog logging... no checking whether to support netatalk... no checking how to get filesystem space usage checking statvfs64 function (SVR4)... no checking statvfs function (SVR4)... yes checking configure summary ERROR: No locking available. Running Samba would be unsafe configure: error: summary failure. Aborting config From james at cows.ml.org Wed Oct 21 19:08:17 1998 From: james at cows.ml.org (James Willard) Date: Tue Dec 2 02:24:36 2003 Subject: Server manager broken under 95 Message-ID: <199810211908.PAA25193@cows.ml.org> Hi, Ever since about two days ago when passwords could be changed by CTRL-ALT-DEL | Change Password, I have not been able to administer my samba-controlled domain from the Win95 server manager. Up until then, I was able to administer the domain just fine. Server manager reported the samba machine as being the PDC, but now it tells me that a domain controller cannot be found and instead lists the PDC as a BDC. I am able to login to the PDC from Win95 boxes without any problem. Also, I have seen discussion about being able to use User Manager on a samba-controlled domain now. I have never been able to do this with User Manager, and I still can't. Since I don't have any NT machines around currently, I use Win95 Server/User Manager. Is there a difference in the way NT's and 95's domain administration utilties operate? Thanks, James D. Willard james@cows.ml.org --- From xmj at cypress.com Wed Oct 21 19:26:17 1998 From: xmj at cypress.com (Matthew Jamison) Date: Tue Dec 2 02:24:36 2003 Subject: compiling cvs source from 10/21/1998 10:30 -6 GMT Message-ID: <004a01bdfd28$acf68c40$cd3d54c0@melchizedekmiss.cypress.com> I am having a problem compiling the latest cvs code. I have compiled the cvs before but it was a few months ago when you still had to change the makefile. I run the configure file in the source directory and it does create a makefile. I run make and it kill over with the error message Linking shared library bin/smbwrappers.so ld: invalid number `-o' *** Error code 1 make: Fatal error: Command Failed for target `bin/smbwrapper.so' I am using gcc on a Solaris 2.5.1 box. Could some one tell me what is go wrong? Matthew From mathewss at nutech.com Wed Oct 21 19:52:32 1998 From: mathewss at nutech.com (Sean Mathews) Date: Tue Dec 2 02:24:36 2003 Subject: compiling cvs source from 10/21/1998 10:30 -6 GMT In-Reply-To: <004a01bdfd28$acf68c40$cd3d54c0@melchizedekmiss.cypress.com> Message-ID: Seems no one saw my messages i sent a week ago about problems with compiling the smbwrappers.so file. I posted the problem with my fix and seems everyone ignored it.. I just did a cvs now and the same problem occures.. maybe it is related to your problem also Matthew. My compiler hickups as follows. Compiling lib/crc32.c with -fpic Linking shared library bin/smbwrapper.so ld: No reference to __DYNAMIC make: *** [bin/smbwrapper.so] Error 1 I will have to go diggin now back through the samba email archive to find my fix again and re apply it. Ok here is what i did to fix my problem in the Makefile bin/smbwrapper.so: $(PICOBJS) @echo Linking shared library $@ @$(LD) -shared -Bshareable -o $@ $(PICOBJS) $(LIBS) i added -Bshareable anyway not sure if this will help but i sure hope someone looks into this as its not somthing i want to patch every time :c) regards Sean Mathews On Thu, 22 Oct 1998, Matthew Jamison wrote: > I am having a problem compiling the latest cvs code. I have compiled the > cvs before but it was a few months ago when you still had to change the > makefile. I run the configure file in the source directory and it does > create a makefile. I run make and it kill over with the error message > > Linking shared library bin/smbwrappers.so > ld: invalid number `-o' > *** Error code 1 > make: Fatal error: Command Failed for target `bin/smbwrapper.so' > > > I am using gcc on a Solaris 2.5.1 box. Could some one tell me what is go > wrong? > > Matthew > > > > > From mathewss at nutech.com Wed Oct 21 20:02:31 1998 From: mathewss at nutech.com (Sean Mathews) Date: Tue Dec 2 02:24:36 2003 Subject: compiling cvs source from 10/21/1998 10:30 -6 GMT In-Reply-To: <004a01bdfd28$acf68c40$cd3d54c0@melchizedekmiss.cypress.com> Message-ID: Rut Ro.. Batman.. CSV update with all the stuff going on in usermgr i had to see ;c) [1998/10/21 12:59:16, 0] passdb/smbpass.c:getsmbfile21pwent(333) getsmbfile21pwent: smbpasswd database is corrupt! did we change to a different format for this file? usermgr gets me "The Tag Is Invalid" Dialog error window. please advise.. Regards.. From lkcl at switchboard.net Wed Oct 21 21:11:53 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:36 2003 Subject: compiling cvs source from 10/21/1998 10:30 -6 GMT In-Reply-To: Message-ID: make sure _all_ accounts in private/smbpasswd have accounts in /etc/smbpasswd, matching _exactly_ the username _and_ the uid (first two fields of smbpasswd). On Thu, 22 Oct 1998, Sean Mathews wrote: > > > Rut Ro.. Batman.. > > CSV update with all the stuff going on in usermgr i had to see ;c) > > [1998/10/21 12:59:16, 0] passdb/smbpass.c:getsmbfile21pwent(333) > getsmbfile21pwent: smbpasswd database is corrupt! > > did we change to a different format for this file? > usermgr gets me "The Tag Is Invalid" Dialog error window. > > please advise.. > > Regards.. > > > > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From mathewss at nutech.com Wed Oct 21 20:47:59 1998 From: mathewss at nutech.com (Sean Mathews) Date: Tue Dec 2 02:24:36 2003 Subject: compiling cvs source from 10/21/1998 10:30 -6 GMT In-Reply-To: Message-ID: Very COOL!! now the usermgr does not show duplicate users as it had in the past.. Lookin very good people keep itup. Still i am unable to connect to default shares ie \\server\c$ i still get access denied errors.. Also under server manager i can not connect to the other NT boxes without getting access denied errors. All except i can do this no problem with my 3.51 nt box :( anyone have any suggestions on how to determin what is causing this problem? Regards From lkcl at switchboard.net Wed Oct 21 21:49:08 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:36 2003 Subject: compiling cvs source from 10/21/1998 10:30 -6 GMT In-Reply-To: Message-ID: On Wed, 21 Oct 1998, Sean Mathews wrote: > > Very COOL!! now the usermgr does not show duplicate users > as it had in the past.. Lookin very good people keep itup. goodie. > Still i am unable to connect to default shares ie \\server\c$ you'll have to create one in smb.conf: [c$] > i still get access denied errors.. Also under server manager > i can not connect to the other NT boxes without getting > access denied errors. you will need the same thing as in an NT environment, i.e either an admin account with the same password as the one you're currently logged in as. From matthew at janus.law.usyd.edu.au Wed Oct 21 21:00:01 1998 From: matthew at janus.law.usyd.edu.au (Matthew Geier) Date: Tue Dec 2 02:24:36 2003 Subject: compiling cvs source from 10/21/1998 10:30 -6 GMT In-Reply-To: from "Sean Mathews" at Oct 22, 98 06:49:19 am Message-ID: <199810212100.HAA06828@janus.law.usyd.edu.au> > > Very COOL!! now the usermgr does not show duplicate users > as it had in the past.. Lookin very good people keep itup. STILL doesnt work for me :-). However if I now try to add users to a share on my NT box, after much traffic between the NT workstation and the samba DC, explorer 'Dr Watsons' and my desktop restarts. It used to just plain not work. The server manager which briefly worked (or worked to the point of showing a list of machines offering NT services, now cannot find a domain controller and exits. From tridge at samba.anu.edu.au Wed Oct 21 21:10:07 1998 From: tridge at samba.anu.edu.au (Andrew Tridgell) Date: Tue Dec 2 02:24:36 2003 Subject: Config Error in latest CVS? In-Reply-To: <199810211834.LAA02658@hydra.mrc.uidaho.edu> (message from Len Harold on Thu, 22 Oct 1998 04:38:54 +1000) References: <199810211834.LAA02658@hydra.mrc.uidaho.edu> Message-ID: <19981021211011Z12671133-479+2079@samba.anu.edu.au> frm the look of your configure output the problem is with the autoconf tests not your OS. If you upload config.log somewhere then we can probably fix it from that. From cartegw at Eng.Auburn.EDU Wed Oct 21 21:29:37 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:36 2003 Subject: [Fwd: NT 4.0 SP4 is actually out] Message-ID: <362E5241.D3F6DF0F@eng.auburn.edu> Enjoy. :) -- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) -------------- next part -------------- An embedded message was scrubbed... From: Brian Everding Subject: NT 4.0 SP4 is actually out Date: Wed, 21 Oct 1998 12:45:23 -0700 Size: 1937 Url: http://lists.samba.org/archive/samba-ntdom/attachments/19981021/7e73a229/attachment.eml From tridge at samba.anu.edu.au Wed Oct 21 21:30:06 1998 From: tridge at samba.anu.edu.au (Andrew Tridgell) Date: Tue Dec 2 02:24:36 2003 Subject: compiling cvs source from 10/21/1998 10:30 -6 GMT In-Reply-To: (message from Sean Mathews on Thu, 22 Oct 1998 05:54:53 +1000) References: Message-ID: <19981021213012Z12671007-479+2091@samba.anu.edu.au> > bin/smbwrapper.so: $(PICOBJS) > @echo Linking shared library $@ > @$(LD) -shared -Bshareable -o $@ $(PICOBJS) $(LIBS) > > i added -Bshareable > > anyway not sure if this will help but i sure hope someone > looks into this as its not somthing i want to patch every time :c) Look at configure.in near the top. You need to add -Bshareable to the appropriate OS section. Then send us a patch. What we really need is for someone to look into libtool and use that. Any volunteers? From william at hae.com Wed Oct 21 22:11:31 1998 From: william at hae.com (William Stuart) Date: Tue Dec 2 02:24:36 2003 Subject: SMBWRAPPER.SO error message Message-ID: While using smbwrapper.so I get the following message: ERROR: can't get smbw shared handle I am using LD_PRELOAD, SMBW_USER and SMBW_PASSWORD... OS: RH51 KERNEL: 2.0.34 CVS: 10/22/98; early morning (in Austrailia) I get the error with | (pipe), ls, and some cd's... I am not running smbd nor nmbd. Do I need to be? This is my first attempt. Please advise. --- William Stuart (william@hae.com) "Don't rush me sonny. You rush a miracle man you get rotten miracles." --Miracle Max, "The Princess Bride" From tridge at samba.anu.edu.au Wed Oct 21 22:50:05 1998 From: tridge at samba.anu.edu.au (Andrew Tridgell) Date: Tue Dec 2 02:24:36 2003 Subject: SMBWRAPPER.SO error message In-Reply-To: (message from William Stuart on Thu, 22 Oct 1998 08:13:20 +1000) References: Message-ID: <19981021225018Z12609327-479+2101@samba.anu.edu.au> > While using smbwrapper.so I get the following message: > > ERROR: can't get smbw shared handle that means the SMBW_HANDLE environment variable is not being propogated correctly. You might have to add some debug statements to work out why. > I am using LD_PRELOAD, SMBW_USER and SMBW_PASSWORD... SMBW_USER and SMBW_PASSWORD have been replaced by smbsh command line options in the current code. > I am not running smbd nor nmbd. Do I need to be? no, it should run standalone. From william at hae.com Wed Oct 21 23:25:53 1998 From: william at hae.com (William Stuart) Date: Tue Dec 2 02:24:36 2003 Subject: SMBWRAPPER.SO error message In-Reply-To: <19981021225018Z12609327-479+2101@samba.anu.edu.au> Message-ID: Is SMBW_HANDLE something I am supposed to set? --- William Stuart (william@hae.com) "Don't rush me sonny. You rush a miracle man you get rotten miracles." --Miracle Max, "The Princess Bride" On Thu, 22 Oct 1998, Andrew Tridgell wrote: > Date: Thu, 22 Oct 1998 08:50:05 +1000 > From: Andrew Tridgell > To: william@hae.com > Cc: samba-ntdom@samba.anu.edu.au > Subject: Re: SMBWRAPPER.SO error message > > > While using smbwrapper.so I get the following message: > > > > ERROR: can't get smbw shared handle > > that means the SMBW_HANDLE environment variable is not being > propogated correctly. You might have to add some debug statements to > work out why. > > > I am using LD_PRELOAD, SMBW_USER and SMBW_PASSWORD... > > SMBW_USER and SMBW_PASSWORD have been replaced by smbsh command line > options in the current code. > > > I am not running smbd nor nmbd. Do I need to be? > > no, it should run standalone. > > From mathewss at nutech.com Wed Oct 21 23:30:51 1998 From: mathewss at nutech.com (Sean Mathews) Date: Tue Dec 2 02:24:36 2003 Subject: compiling cvs source from 10/21/1998 10:30 -6 GMT In-Reply-To: Message-ID: On Thu, 22 Oct 1998, Luke Kenneth Casson Leighton wrote: > > Still i am unable to connect to default shares ie \\server\c$ > > you'll have to create one in smb.conf: [c$] umm i should say \\NTCOMPUTER\C$ wasnt talkin about a samba box :( sorry. > > > i still get access denied errors.. Also under server manager > > i can not connect to the other NT boxes without getting > > access denied errors. > > you will need the same thing as in an NT environment, i.e either an admin > account with the same password as the one you're currently logged in as. Also i forgot to mention that this works fine from an NT4.0 box dbl clicking on a NT 3.51 box.. only a problem from nt40->nt40 (password crypting?) hmm ok well i have the user "Administrator" with password "blaa" on box A and the user "Administrator" with same pass on Box B both are on the PDC and the user Administrator is on the PDC and i have this in my smb.conf a few thinks i left out for easy reading. these seem relevent [global] workgroup = NUTECH domain master = yes local master = yes preferred master = yes security = user encrypt passwords = yes guest account = nobody domain admin group = Administrator domain sid = S-1-5-21-111-222-121-312 domain logons = yes socket options = TCP_NODELAY ----- end conf ----- so i assume that when i dbl click on Server B's entry in server manager from Server A that server A would request something from server B and server B would authinticate me from the PDC and the PDC should say "Yes Administrator can do anything" kinda stuff ? The only thought i had was that there were some difference in how the 4.0 box is dealing with the packets or crypted passwords as compared to the 3.51 box. Thanks for your time in reading this mess.. Regards Sean M > > > > > From lharold at mrc.uidaho.edu Wed Oct 21 23:39:03 1998 From: lharold at mrc.uidaho.edu (Len Harold) Date: Tue Dec 2 02:24:36 2003 Subject: Config Error in latest CVS? In-Reply-To: <19981021211011Z12671133-479+2079@samba.anu.edu.au>; from "Andrew Tridgell" at Oct 22, 98 7:10 am Message-ID: <199810212339.QAA18423@zeus.mrc.uidaho.edu> >frm the look of your configure output the problem is with the autoconf >tests not your OS. If you upload config.log somewhere then we can >probably fix it from that. Ok, it is available at: http://www.len.moscow.id.us/config.log.txt Len -- ___ ___ ___ ________ ______ /| | /\ \ /| \|\ _ \/\ __\ Len Harold | | | \ \ - | \ \ \_\ /_ \ \_/ Systems Engineer | | \ \ \ \ _|\ \ \ _ \ \ \___ Phone: 208-885-7034 | | \ \ \__\/\ \__\ \__\ \__\ \_____\ Fax: 208-885-6840 | |* | \/__/ \/__/\/__/\/__/\/_____/ Email: len@mrc.uidaho.edu |/\ |/\ Web: www.mrc.uidaho.edu \/ \_/\ /| | Microelectronics Research | | | and Communications Institute | |____________| at the University of Idaho |/____________/ From D.Bannon at latrobe.edu.au Wed Oct 21 23:37:17 1998 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:24:36 2003 Subject: nt password changing now works. In-Reply-To: References: <3.0.3.32.19981021123517.00745fd8@bioserve.biochem.latrobe.edu.au> Message-ID: <3.0.3.32.19981022093717.007592dc@bioserve.biochem.latrobe.edu.au> At 05:07 PM 21/10/1998 +0000, Luke Kenneth Casson Leighton wrote: >put "unix password sync = yes" in smb.conf. Now, that seems to be what is causing the problems some people are reporting, with passwd sync on, I cannot change the passwd using the famous three fingured salute. Works fine if I disable the passwd sync option in smb.conf. Luke warned us about not getting too excited. Looks like a stroll through the log files.... RH5.1, no shadow passwd stuff. > >> Its really great work, thanks Luke ! > >remember, guys, that this has a tendency to fall back on the "SMBtrans2" >password change, i don't yet know why. so please don't think it's exactly >the same behaviour as an nt server... yet :) > > > ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From matthew at janus.law.usyd.edu.au Thu Oct 22 00:59:48 1998 From: matthew at janus.law.usyd.edu.au (Matthew Geier) Date: Tue Dec 2 02:24:36 2003 Subject: Latest CVS on SunOS 4.1.4 Message-ID: <199810220059.KAA02918@janus.law.usyd.edu.au> Im having lots of smbd keeling over with signal 11 type problems. I dont have time for a better report at the moment, but would be interested to know if some one is running the latest CVS on a SunOS machine. From David.Billinghurst at riotinto.com.au Wed Oct 21 23:22:41 1998 From: David.Billinghurst at riotinto.com.au (Billinghurst, David (RTD)) Date: Tue Dec 2 02:24:36 2003 Subject: smbwrapper on Irix 6.2 Message-ID: <59A91793A168D2118E0A0000F802ED31012B8E@ATMMAIL.atmdns> Partial success with smbwrapper from samba-2.0.0-alpha13 on Irix 6.2 Some configuration problems with ACLs. Worked around by editing config.h (below) Some confusion due to the multiple ABIs in Irix 6.2 I test samba on a 32 bit Indigo2 so configure using env CC="cc -n32" configure Needed a couple of trival changes to Makefile to ensure correct flag (-32 or -n32) was used. (below) Testing ls /smb/ .... OK ls /smb/cru200 ... OK another samba server ls /smb/cru200/billingd ... OK ls /smb/crw427 ... OK Win95 PC using user security ls /smb/crw427/a ... Cannot access /smb/crw427/cdrom: Invalid argument (log below) ls /smb/crtsfile ... NT4 SP3 server Cannot access directory /smb/CRTSFILE: Permission denied +++++++++++++++++++++++++++++++++++++++++ (Mr) David Billinghurst Comalco Research and Technical Support PO Box 316, Thomastown, Vic, Australia, 3074 Phone: +61 3 9469 0642 FAX: +61 3 9462 2700 Email: David.Billinghurst@riotinto.com.au ####################### Changes to config.h ############################### 147c147 < /* #undef HAVE___ACL */ --- > #undef HAVE___ACL 165c165 < /* #undef HAVE___FACL */ --- > #undef HAVE___FACL 258c258 < #define HAVE__ACL 1 --- > /* #define HAVE__ACL 1 */ 276c276 < /* #undef HAVE__FACL */ --- > #undef HAVE__FACL 663c663 < /* #undef HAVE_SYS_ACL_H */ --- > #undef HAVE_SYS_ACL_H ###################################################################### ################## Hacks to Makefile ########################### --- Makefile.orig Wed Oct 21 11:58:58 1998 +++ Makefile Wed Oct 21 12:07:34 1998 @@ -272,11 +272,11 @@ # this is for IRIX .c.po32: # .deps/.dummy - @if (: >> $@ || : > $@) >/dev/null 2>&1; then rm -f $@; else \ + if (: >> $@ || : > $@) >/dev/null 2>&1; then rm -f $@; else \ dir=`echo $@ | sed 's,/[^/]*$$,,;s,^$$,.,'` $(MAKEDIR); fi - @echo Compiling $*.c with -KPIC and -32 - @$(CC) -32 -I. -I$(srcdir) $(FLAGS) -KPIC -c $< -o $*.po32.o - @mv $*.po32.o $@ \ + echo Compiling $*.c with -KPIC and -32 + cc -32 -I. -I$(srcdir) $(FLAGS) -KPIC -c $< -o $*.po32.o + mv $*.po32.o $@ \ # -Wp,-MD,.deps/`echo $* | sed s,/,_,g`.P && : >.deps/.stamp bin/.dummy: @@ -354,7 +354,7 @@ bin/smbwrapper.so: $(PICOBJS) @echo Linking shared library $@ - @$(LD) -shared -o $@ $(PICOBJS) $(LIBS) + @$(LD) -n32 -shared -o $@ $(PICOBJS) $(LIBS) bin/smbwrapper.32.so: $(PICOBJS32) @echo Linking shared library $@ ############################################################## ############## shmsh -d9 ############################# smbsh$ ls /smb/crw427/cdrom smbw_path(/smb/crw427/cdrom) smbw_path(/smb/crw427/cdrom) resolve_name: Attempting lmhosts lookup for name crw427 resolve_name: Attempting host lookup for name crw427 Connecting to 203.4.72.62 at port 139 smbw_error 2 6 (0x6) -> 22 Cannot access /smb/crw427/cdrom: Invalid argument smbsh$ exit cru201:18%/var/samba/bin/smbsh -d9 Username: billingd Password: smbsh$ ls /smb/crw427/cdrom fcntl_lock 2499 7 0 1 2 Lock call successful fcntl_lock 2499 6 0 1 3 Lock call successful fcntl_lock 2499 7 0 1 2 Lock call successful fcntl_lock 2499 6 0 1 3 Lock call successful Initial cwd from smbw_cwd is /usr/people/billingd smbw_path(/smb/crw427/cdrom) cleaning /smb/crw427/cdrom cleaned /smb/crw427/cdrom (fname=/smb/crw427/cdrom cwd=/usr/people/billingd) parsed path name=/smb/crw427/cdrom cwd=/usr/people/billingd [crw427] [cdrom] [\] smbw_path(/smb/crw427/cdrom) cleaning /smb/crw427/cdrom cleaned /smb/crw427/cdrom (fname=/smb/crw427/cdrom cwd=/usr/people/billingd) parsed path name=/smb/crw427/cdrom cwd=/usr/people/billingd [crw427] [cdrom] [\] stat(/smb/crw427/cdrom) cleaning /smb/crw427/cdrom cleaned /smb/crw427/cdrom (fname=/smb/crw427/cdrom cwd=/usr/people/billingd) parsed path name=/smb/crw427/cdrom cwd=/usr/people/billingd [crw427] [cdrom] [\] fcntl_lock 2499 7 0 1 2 Lock call successful fcntl_lock 2499 6 0 1 3 Lock call successful fcntl_lock 2499 7 0 1 2 Lock call successful fcntl_lock 2499 6 0 1 3 Lock call successful fcntl_lock 2499 7 0 1 2 Lock call successful fcntl_lock 2499 6 0 1 3 Lock call successful server_n=[crw427] server=[crw427] -> server_n=[crw427] server=[crw427] fcntl_lock 2499 7 0 1 2 Lock call successful fcntl_lock 2499 6 0 1 3 Lock call successful resolve_name: Attempting lmhosts lookup for name crw427 startlmhosts: Can't open lmhosts file /var/samba/lib/lmhosts. Error was No such file or directory resolve_name: Attempting host lookup for name crw427 Connecting to 203.4.72.62 at port 139 write_socket(3,76) write_socket(3,76) wrote 76 Sent session request session request ok write_socket(3,168) write_socket(3,168) wrote 168 size=77 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=0 smb_tid=0 smb_pid=6023 smb_uid=0 smb_mid=1 smt_wct=17 smb_vwv[0]=7 (0x7) smb_vwv[1]=515 (0x203) smb_vwv[2]=256 (0x100) smb_vwv[3]=26624 (0x6800) smb_vwv[4]=11 (0xB) smb_vwv[5]=0 (0x0) smb_vwv[6]=256 (0x100) smb_vwv[7]=3840 (0xF00) smb_vwv[8]=256 (0x100) smb_vwv[9]=896 (0x380) smb_vwv[10]=2 (0x2) smb_vwv[11]=0 (0x0) smb_vwv[12]=55663 (0xD96F) smb_vwv[13]=18764 (0x494C) smb_vwv[14]=48637 (0xBDFD) smb_vwv[15]=43009 (0xA801) smb_vwv[16]=2301 (0x8FD) smb_bcc=8 write_socket(3,137) write_socket(3,137) wrote 137 size=41 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=1 smb_tid=0 smb_pid=6023 smb_uid=0 smb_mid=1 smt_wct=3 smb_vwv[0]=255 (0xFF) smb_vwv[1]=0 (0x0) smb_vwv[2]=0 (0x0) smb_bcc=0 session setup ok write_socket(3,69) write_socket(3,69) wrote 69 smbw_error 2 6 (0x6) -> 22 Cannot access /smb/crw427/cdrom: Invalid argument From tridge at samba.anu.edu.au Thu Oct 22 03:20:05 1998 From: tridge at samba.anu.edu.au (Andrew Tridgell) Date: Tue Dec 2 02:24:36 2003 Subject: SMBWRAPPER.SO error message In-Reply-To: (message from William Stuart on Wed, 21 Oct 1998 16:25:53 -0700 (PDT)) References: Message-ID: <19981022032006Z12670171-482+2137@samba.anu.edu.au> > Is SMBW_HANDLE something I am supposed to set? no, it's set by smbsh at startup (in smbwrapper/shared.c) and should be propogated to all child processes as an environment variable. That error means it isn't being propogated correctly for some reason. From tridge at samba.anu.edu.au Thu Oct 22 03:30:02 1998 From: tridge at samba.anu.edu.au (Andrew Tridgell) Date: Tue Dec 2 02:24:36 2003 Subject: Config Error in latest CVS? In-Reply-To: <199810212339.QAA18423@zeus.mrc.uidaho.edu> (message from Len Harold on Wed, 21 Oct 1998 16:39:03 PDT) References: <199810212339.QAA18423@zeus.mrc.uidaho.edu> Message-ID: <19981022033015Z12668932-478+2200@samba.anu.edu.au> > >frm the look of your configure output the problem is with the autoconf > >tests not your OS. If you upload config.log somewhere then we can > >probably fix it from that. > > Ok, it is available at: > > http://www.len.moscow.id.us/config.log.txt looks like it didn't find a defn for pid_t configure:5899: checking for fcntl locking configure:5912: cc -o conftest -g conftest.c 1>&5 cc: "tests/fcntl_lock.c", line 16: error 1000: Unexpected symbol: "pid". cc: "tests/fcntl_lock.c", line 16: error 1705: Function prototypes are an ANSI feature. cc: "tests/fcntl_lock.c", line 16: error 1574: Unknown size for "pid". cc: "tests/fcntl_lock.c", line 19: error 1608: Function argument may not be of type void. cc: "tests/fcntl_lock.c", line 32: error 1705: Function prototypes are an ANSI feature. cc: "tests/fcntl_lock.c", line 73: error 1608: Function argument may not be of type void. it probably just needs sys/types.h in tests/fcntl_lock.c From jal at mcs.le.ac.uk Thu Oct 22 08:35:15 1998 From: jal at mcs.le.ac.uk (J. A. Landamore) Date: Tue Dec 2 02:24:36 2003 Subject: compile problem with latest CVS source Message-ID: <26908.9810220835@sun2.mcs.le.ac.uk> A non-text attachment was scrubbed... Name: not available Type: text Size: 2211 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/19981022/b23e3076/attachment.bat From jal at mcs.le.ac.uk Thu Oct 22 09:02:36 1998 From: jal at mcs.le.ac.uk (J. A. Landamore) Date: Tue Dec 2 02:24:36 2003 Subject: nt password changing against NIS+ Message-ID: <27249.9810220902@sun2.mcs.le.ac.uk> A non-text attachment was scrubbed... Name: not available Type: text Size: 253 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/19981022/4a22b40d/attachment.bat From laurent.menu at temic.fr Thu Oct 22 15:03:00 1998 From: laurent.menu at temic.fr (laurent.menu@temic.fr) Date: Tue Dec 2 02:24:36 2003 Subject: compile problem with latest CVS source In-Reply-To: <"26908.9810220835*"@MHS> Message-ID: Hi Subject: compile problem with latest CVS source Author: JAL (jal@mcs.le.ac.uk) at inet,mm Date: 22/10/98 11:36 Downloaded the latest cvs source (08:00 GMT 22/10/98) and tried to compile. (It seems to config OK). Apart from the stream of warnings of the form: [snip] John Landamore p.s. Many thanks for all the great work the samba team puts in. You are not alone ! :-) I get the same problem on my HP-UX brazil B.10.20 A 9000/827 + gcc machine Laurent From dave at www.buffalostate.edu Thu Oct 22 16:01:43 1998 From: dave at www.buffalostate.edu (Dave J. Andruczyk) Date: Tue Dec 2 02:24:36 2003 Subject: nt password changing now works. In-Reply-To: <3.0.3.32.19981022093717.007592dc@bioserve.biochem.latrobe.edu.au> Message-ID: > >put "unix password sync = yes" in smb.conf. > > Now, that seems to be what is causing the problems some people are > reporting, with passwd sync on, I cannot change the passwd using the famous > three fingured salute. Works fine if I disable the passwd sync option in > smb.conf. Luke warned us about not getting too excited. > > Looks like a stroll through the log files.... As the docs say, to do "unix password sync" the passwords have to be sent in clear text, which NT4 with SP3 or higher WILL NOT DO, without a registry hack to allow plain text password sending. Check to see if your machines can send the password in clear text before attempting unix passwd sync. Easiest way is to say "encrypt passwords = no" in the smb.conf file. dave From lkcl at switchboard.net Thu Oct 22 17:22:11 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:36 2003 Subject: compiling cvs source from 10/21/1998 10:30 -6 GMT In-Reply-To: Message-ID: > domain admin group = Administrator this should be "domain admin users = ..." From lkcl at switchboard.net Thu Oct 22 17:24:57 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:36 2003 Subject: nt password changing now works. In-Reply-To: <3.0.3.32.19981022093717.007592dc@bioserve.biochem.latrobe.edu.au> Message-ID: you need the "password chat" to succeed. if you either don't set one or the attempt to change the unix password fails, then it will not proceed to the nt password changing. On Thu, 22 Oct 1998, David Bannon wrote: > At 05:07 PM 21/10/1998 +0000, Luke Kenneth Casson Leighton wrote: > > >put "unix password sync = yes" in smb.conf. > > Now, that seems to be what is causing the problems some people are > reporting, with passwd sync on, I cannot change the passwd using the famous > three fingured salute. Works fine if I disable the passwd sync option in > smb.conf. Luke warned us about not getting too excited. > > Looks like a stroll through the log files.... > > RH5.1, no shadow passwd stuff. > > > > > > > > >> Its really great work, thanks Luke ! > > > >remember, guys, that this has a tendency to fall back on the "SMBtrans2" > >password change, i don't yet know why. so please don't think it's exactly > >the same behaviour as an nt server... yet :) > > > > > > > ------------------------------------------------------------ > David Bannon D.Bannon@latrobe.edu.au > School of Biochemistry Phone 61 03 9479 2197 > La Trobe University, Plenty Rd, Fax 61 03 9479 2467 > Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au > ------------------------------------------------------------ > .... Humpty Dumpty was pushed ! > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From william at hae.com Thu Oct 22 16:32:04 1998 From: william at hae.com (William Stuart) Date: Tue Dec 2 02:24:36 2003 Subject: nt password changing now works. In-Reply-To: Message-ID: On Fri, 23 Oct 1998, Dave J. Andruczyk wrote: > > As the docs say, to do "unix password sync" the passwords have to be sent > in clear text, which NT4 with SP3 or higher WILL NOT DO, without a > registry hack to allow plain text password sending. Check to see if your > machines can send the password in clear text before attempting unix > passwd sync. Easiest way is to say "encrypt passwords = no" in the > smb.conf file. > > dave Dave-- Luke said it is possible, and to try it. He said, in a previous email, that the new password is encrypted with the old LM or NT hash and he could use it to set the UNIX password. http://samba.anu.edu.au/listproc/samba-ntdom/2211.html --- William Stuart (william@hae.com) "Don't rush me sonny. You rush a miracle man you get rotten miracles." --Miracle Max, "The Princess Bride" From cartegw at Eng.Auburn.EDU Thu Oct 22 16:37:06 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:36 2003 Subject: nt password changing now works. References: Message-ID: <362F5F32.FF5FECE8@eng.auburn.edu> Dave J. Andruczyk wrote: > > As the docs say, to do "unix password sync" the passwords have > to be sent in clear text, which NT4 with SP3 or higher WILL NOT > DO, without a registry hack to allow plain text password > sending. Check to see if your machines can send the password > in clear text before attempting unix passwd sync. Easiest way > is to say "encrypt passwords = no" in the smb.conf file. You have to set "encrypt passwords = yes" to get the PDC functioanlity. Also re-read the smb.conf man page again. The unix password sync option sets the new password without access to the cleartext of the old pasword. That is why the /etc/password change is done as root. The old password is sent encrypted. As always...corrections welcome, j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From lkcl at switchboard.net Thu Oct 22 17:41:38 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:36 2003 Subject: nt password changing now works. In-Reply-To: Message-ID: > As the docs say, to do "unix password sync" the passwords have to be sent > in clear text, which NT4 with SP3 or higher WILL NOT DO, yes it does, i just added code to support that capability! honest! From Jean-Francois.Micouleau at dalalu.fr Thu Oct 22 16:48:26 1998 From: Jean-Francois.Micouleau at dalalu.fr (Jean Francois Micouleau) Date: Tue Dec 2 02:24:36 2003 Subject: nt password changing now works. In-Reply-To: Message-ID: > > smb.conf. Luke warned us about not getting too excited. > > > > Looks like a stroll through the log files.... > > As the docs say, to do "unix password sync" the passwords have to be sent > in clear text, which NT4 with SP3 or higher WILL NOT DO, without a > registry hack to allow plain text password sending. Check to see if your > machines can send the password in clear text before attempting unix > passwd sync. Easiest way is to say "encrypt passwords = no" in the > smb.conf file. Are you sure of your statement ? When you change your password, it sent encrypted in a way that the server can decrypt it, with or without SP3. Check the readme file coming with the SP3 for NT4 and you will see a password filter chapter. J.F. From cartegw at Eng.Auburn.EDU Thu Oct 22 16:56:25 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:36 2003 Subject: compiling cvs source from 10/21/1998 10:30 -6 GMT References: Message-ID: <362F63B9.B771F746@eng.auburn.edu> Luke Kenneth Casson Leighton wrote: > > > domain admin group = Administrator > > this should be "domain admin users = ..." Luke, I thought we were migrating away from "domain admin users" and towards "domain admin group". j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From william at hae.com Thu Oct 22 16:58:41 1998 From: william at hae.com (William Stuart) Date: Tue Dec 2 02:24:36 2003 Subject: SMBWRAPPER.SO error message In-Reply-To: <19981022032006Z12670171-482+2137@samba.anu.edu.au> Message-ID: It's fixed. I screwed up... I ran smbsh in one virtual console and LD_PRELOAD in another. DoHHH! --- William Stuart (william@hae.com) "Don't rush me sonny. You rush a miracle man you get rotten miracles." --Miracle Max, "The Princess Bride" On Thu, 22 Oct 1998, Andrew Tridgell wrote: > Date: Thu, 22 Oct 1998 13:32:30 +1000 > From: Andrew Tridgell > To: Multiple recipients of list > Subject: Re: SMBWRAPPER.SO error message > > > Is SMBW_HANDLE something I am supposed to set? > > no, it's set by smbsh at startup (in smbwrapper/shared.c) and should > be propogated to all child processes as an environment variable. > > That error means it isn't being propogated correctly for some reason. > > From amol at memcad.com Thu Oct 22 17:08:40 1998 From: amol at memcad.com (Amol Karnik) Date: Tue Dec 2 02:24:36 2003 Subject: REPOST : -Re: nt password changing now works. References: <362DFAF0.B6AE9E23@memcad.com> Message-ID: <362F6698.1A8C1016@memcad.com> hi all, am reposting this email from me, which i sent 2 days back. perhaps not everyone got it, since i got no responses to it. - amol Amol Karnik wrote: > > umm i tried this after doing an update today morning, and it doesnt work > for me. > > details : > > cvs code : latest ( did a cvs update, cvs -t update) > did an rm -rf and a ./configure with no option other than --prefix and > did a make > > samba is running on solaris2.5.1 with latest patches > samba is logon server, wins server. > profiles are roaming profiles stored on the samba server. > client is NT4.0 workstation with service pack 3 > > domain logon works perfect. profiles are downloaded perfectly. (there > are no local accounts) > i did a c-a-d and change passwd, but it returns saying "the user name or > old password is incorrect. letters in password must be typed using the > correct case. make sure that caps lock is not accidently on" > > when i compiled i did notice the following warnings : > =========================== > Compiling smbd/chgpasswd.c > "smbd/chgpasswd.c", line 638: warning: argument #1 is incompatible with > prototype: > prototype: pointer to char : "include/proto.h", line 511 > argument : pointer to uchar > Compiling smbd/connection.c > Compiling smbd/dfree.c > Compiling smbd/dir.c > Compiling smbd/password.c > Compiling smbd/conn.c > Compiling smbd/fileio.c > Compiling smbd/ipc.c > "smbd/ipc.c", line 1735: warning: argument #3 is incompatible with > prototype: > prototype: pointer to uchar : "include/proto.h", line 2024 > argument : pointer to char > Compiling smbd/mangle.c > .... > ... > Compiling smbd/open.c > "smbd/open.c", line 578: warning: integer overflow detected: op "<<" > .. > .. > Compiling rpc_parse/parse_samr.c > "rpc_parse/parse_samr.c", line 2737: warning: syntax error: empty > declaration > .... > .... > Compiling lib/util.c > "lib/util.c", line 4392: warning: integer overflow detected: op "<<" > "lib/util.c", line 4405: warning: integer overflow detected: op "<<" > .. > .. > Compiling lib/util.c with -Kpic > "lib/util.c", line 4392: warning: integer overflow detected: op "<<" > "lib/util.c", line 4405: warning: integer overflow detected: op "<<" > > ========================== > > a relevant part of the log.machine$ file with a debug level of 10 is > shown below > > ===================== > [1998/10/21 11:08:25, 5] passdb/smbpass.c:(252) > getsmbfilepwent: returning passwd entry for user amol, uid 227 > [1998/10/21 11:08:25, 10] passdb/passdb.c:(146) > found by name: amol > [1998/10/21 11:08:25, 7] passdb/smbpass.c:(81) > endsmbfilepwent: closed password file. > [1998/10/21 11:08:25, 0] smbd/chgpasswd.c:(680) > check_oem_password: incorrect password length (-663635885). > [1998/10/21 11:08:25, 5] rpc_parse/parse_samr.c:(2776) > make_r_chgpasswd_user > [1998/10/21 11:08:25, 5] rpc_parse/parse_prs.c:(36) > 000000 samr_io_r_chgpasswd_user > [1998/10/21 11:08:25, 5] rpc_parse/parse_prs.c:(139) > 2ca6f8 status: c000006a > [1998/10/21 11:08:25, 5] rpc_server/srv_samr.c:(750) > samr_chgpasswd_user: 750 > [1998/10/21 11:08:25, 10] rpc_server/srv_util.c:(755) > called api_samr_rpc > [1998/10/21 11:08:25, 5] rpc_server/srv_util.c:(175) > create_rpc_reply: data_start: 0 data_end: 4 max_tsize: 5680 > [1998/10/21 11:08:25, 5] rpc_parse/parse_prs.c:(36) > 000000 smb_io_rpc_hdr hdr > [1998/10/21 11:08:25, 5] rpc_parse/parse_prs.c:(111) > 272a10 major : 05 > [1998/10/21 11:08:25, 5] rpc_parse/parse_prs.c:(111) > [1998/10/21 11:08:35, 5] smbd/uid.c:(343) > unbecome_user now uid=(0,0) gid=(0,0) > [1998/10/21 11:09:25, 6] param/loadparm.c:(1743) > lp_file_list_changed() > file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf > last mod_time: Tue Oct 20 15:22:06 1998 > ========================================= > > btw, you guys are doing a great job. keep it up folks. your work does > not go unappreciated. > > regards, > > amol > > Luke Kenneth Casson Leighton wrote: > > > > ok. > > > > i got encrypted rpcs in smbd working, tested with "small", i.e only one > > dce/rpc fragment. i've yet to see an encrypted rpc large enough to fit > > into more than one dce/rpc fragment. although, i could set the fragment > > size to something bizarre and small.... hm. > > > > ok. testing against a workstation logged in to a samba domain... > > ctrl-alt-del | change password... password change works! oh yeah! > > > > i tried testing earlier by typing in the domain name, i got a UDP SAMLOGON > > query which i had to fix by always putting the unicode data at the end of > > the response, but to no avail. it forces an SMBtrans2 password change > > _not_ a \PIPE\samr one. wierd. there must be something else in there. > > > > so, to recap, in one sentence: password changing for nt workstations that > > are a member of a samba domain now works. > > > > luke From mathewss at nutech.com Thu Oct 22 17:30:37 1998 From: mathewss at nutech.com (Sean Mathews) Date: Tue Dec 2 02:24:36 2003 Subject: compiling cvs source from 10/21/1998 10:30 -6 GMT In-Reply-To: Message-ID: YIKES!!!!! according to the docs on the samba website this was originaly domain admin users but was changed to domain admin group. I changed this when i did a cvs a while ago to bring it upto speed.. here is the url i refered to. http://samba.isca.uiowa.edu/samba/ntdom_faq/page4.html#4-3-1 it was quite clear about NOT using it :( Regards Sean Mathews On Thu, 22 Oct 1998, Luke Kenneth Casson Leighton wrote: > > domain admin group = Administrator > > this should be "domain admin users = ..." > > > > > From lkcl at switchboard.net Thu Oct 22 18:40:30 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:36 2003 Subject: compiling cvs source from 10/21/1998 10:30 -6 GMT In-Reply-To: Message-ID: ok, it's not quite correct. you need to specify one user with "domain admin users = ". hm. maybe it should be "domain admin user =". and then yes, also specify whuch users are in the domain admin group. these two parameters _used_ to have an incorrect effect: they are now different. On Thu, 22 Oct 1998, Sean Mathews wrote: > > YIKES!!!!! > according to the docs on the samba website this was > originaly domain admin users but was changed to domain admin > group. > I changed this when i did a cvs a while ago to bring it > upto speed.. > here is the url i refered to. > > http://samba.isca.uiowa.edu/samba/ntdom_faq/page4.html#4-3-1 > > it was quite clear about NOT using it :( > > Regards > Sean Mathews > > On Thu, 22 Oct 1998, Luke Kenneth Casson Leighton wrote: > > > > domain admin group = Administrator > > > > this should be "domain admin users = ..." > > > > > > > > > > > > > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From lharold at mrc.uidaho.edu Thu Oct 22 18:02:15 1998 From: lharold at mrc.uidaho.edu (Len Harold) Date: Tue Dec 2 02:24:37 2003 Subject: Config Error in latest CVS? In-Reply-To: <19981022033015Z12668932-478+2200@samba.anu.edu.au>; from "Andrew Tridgell" at Oct 22, 98 1:30 pm Message-ID: <199810221802.LAA07434@hydra.mrc.uidaho.edu> >> >frm the look of your configure output the problem is with the autoconf >> >tests not your OS. If you upload config.log somewhere then we can >> >probably fix it from that. >> >> Ok, it is available at: >> >> http://www.len.moscow.id.us/config.log.txt > >looks like it didn't find a defn for pid_t > >configure:5899: checking for fcntl locking >configure:5912: cc -o conftest -g conftest.c 1>&5 >cc: "tests/fcntl_lock.c", line 16: error 1000: Unexpected symbol: "pid". >cc: "tests/fcntl_lock.c", line 16: error 1705: Function prototypes are an ANSI feature. >cc: "tests/fcntl_lock.c", line 16: error 1574: Unknown size for "pid". >cc: "tests/fcntl_lock.c", line 19: error 1608: Function argument may not be of type void. >cc: "tests/fcntl_lock.c", line 32: error 1705: Function prototypes are an ANSI feature. >cc: "tests/fcntl_lock.c", line 73: error 1608: Function argument may not be of type void. > >it probably just needs sys/types.h in tests/fcntl_lock.c Adding sys/types.h didn't work but when I read the error message again I can see the problem, cc need either an -Aa or -Ae option to use the ANSI compiler. I added -Ae to the CFLAG options on line 7125 and it doesn't complain about file locking now, however I now get: WARNING: trapdoor uid system - Samba may not operate correctly which I didn't get before. The new config.log and config.out are at: http://www.len.moscow.id.us/config.log.txt http://www.len.moscow.id.us/config.out.txt Len -- ___ ___ ___ ________ ______ /| | /\ \ /| \|\ _ \/\ __\ Len Harold | | | \ \ - | \ \ \_\ /_ \ \_/ Systems Engineer | | \ \ \ \ _|\ \ \ _ \ \ \___ Phone: 208-885-7034 | | \ \ \__\/\ \__\ \__\ \__\ \_____\ Fax: 208-885-6840 | |* | \/__/ \/__/\/__/\/__/\/_____/ Email: len@mrc.uidaho.edu |/\ |/\ Web: www.mrc.uidaho.edu \/ \_/\ /| | Microelectronics Research | | | and Communications Institute | |____________| at the University of Idaho |/____________/ From lkcl at switchboard.net Thu Oct 22 19:00:40 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:37 2003 Subject: compiling cvs source from 10/21/1998 10:30 -6 GMT In-Reply-To: <362F63B9.B771F746@eng.auburn.edu> Message-ID: On Fri, 23 Oct 1998, Gerald Carter wrote: > Luke Kenneth Casson Leighton wrote: > > > > > domain admin group = Administrator > > > > this should be "domain admin users = ..." > > Luke, I thought we were migrating away from "domain admin users" > and towards "domain admin group". weelll... we really should be replacing _all_ the "domain xxxx" functions. From lkcl at switchboard.net Thu Oct 22 19:11:03 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:37 2003 Subject: REPOST : -Re: nt password changing now works. In-Reply-To: <362F6698.1A8C1016@memcad.com> Message-ID: check the log files. if you have ever changed your password with the "SMBtrans2" calls, this does _not_ update the NT 16 byte hash it only does the LM one. the nt password change will then _fail_ because there is no NT password to decode the new password. On Fri, 23 Oct 1998, Amol Karnik wrote: > hi all, > > am reposting this email from me, which i sent 2 days back. perhaps not > everyone got it, since i got no responses to it. > > - amol > > > Amol Karnik wrote: > > > > umm i tried this after doing an update today morning, and it doesnt work > > for me. > > > > details : > > > > cvs code : latest ( did a cvs update, cvs -t update) > > did an rm -rf and a ./configure with no option other than --prefix and > > did a make > > > > samba is running on solaris2.5.1 with latest patches > > samba is logon server, wins server. > > profiles are roaming profiles stored on the samba server. > > client is NT4.0 workstation with service pack 3 > > > > domain logon works perfect. profiles are downloaded perfectly. (there > > are no local accounts) > > i did a c-a-d and change passwd, but it returns saying "the user name or > > old password is incorrect. letters in password must be typed using the > > correct case. make sure that caps lock is not accidently on" > > > > when i compiled i did notice the following warnings : > > =========================== > > Compiling smbd/chgpasswd.c > > "smbd/chgpasswd.c", line 638: warning: argument #1 is incompatible with > > prototype: > > prototype: pointer to char : "include/proto.h", line 511 > > argument : pointer to uchar > > Compiling smbd/connection.c > > Compiling smbd/dfree.c > > Compiling smbd/dir.c > > Compiling smbd/password.c > > Compiling smbd/conn.c > > Compiling smbd/fileio.c > > Compiling smbd/ipc.c > > "smbd/ipc.c", line 1735: warning: argument #3 is incompatible with > > prototype: > > prototype: pointer to uchar : "include/proto.h", line 2024 > > argument : pointer to char > > Compiling smbd/mangle.c > > .... > > ... > > Compiling smbd/open.c > > "smbd/open.c", line 578: warning: integer overflow detected: op "<<" > > .. > > .. > > Compiling rpc_parse/parse_samr.c > > "rpc_parse/parse_samr.c", line 2737: warning: syntax error: empty > > declaration > > .... > > .... > > Compiling lib/util.c > > "lib/util.c", line 4392: warning: integer overflow detected: op "<<" > > "lib/util.c", line 4405: warning: integer overflow detected: op "<<" > > .. > > .. > > Compiling lib/util.c with -Kpic > > "lib/util.c", line 4392: warning: integer overflow detected: op "<<" > > "lib/util.c", line 4405: warning: integer overflow detected: op "<<" > > > > ========================== > > > > a relevant part of the log.machine$ file with a debug level of 10 is > > shown below > > > > ===================== > > [1998/10/21 11:08:25, 5] passdb/smbpass.c:(252) > > getsmbfilepwent: returning passwd entry for user amol, uid 227 > > [1998/10/21 11:08:25, 10] passdb/passdb.c:(146) > > found by name: amol > > [1998/10/21 11:08:25, 7] passdb/smbpass.c:(81) > > endsmbfilepwent: closed password file. > > [1998/10/21 11:08:25, 0] smbd/chgpasswd.c:(680) > > check_oem_password: incorrect password length (-663635885). > > [1998/10/21 11:08:25, 5] rpc_parse/parse_samr.c:(2776) > > make_r_chgpasswd_user > > [1998/10/21 11:08:25, 5] rpc_parse/parse_prs.c:(36) > > 000000 samr_io_r_chgpasswd_user > > [1998/10/21 11:08:25, 5] rpc_parse/parse_prs.c:(139) > > 2ca6f8 status: c000006a > > [1998/10/21 11:08:25, 5] rpc_server/srv_samr.c:(750) > > samr_chgpasswd_user: 750 > > [1998/10/21 11:08:25, 10] rpc_server/srv_util.c:(755) > > called api_samr_rpc > > [1998/10/21 11:08:25, 5] rpc_server/srv_util.c:(175) > > create_rpc_reply: data_start: 0 data_end: 4 max_tsize: 5680 > > [1998/10/21 11:08:25, 5] rpc_parse/parse_prs.c:(36) > > 000000 smb_io_rpc_hdr hdr > > [1998/10/21 11:08:25, 5] rpc_parse/parse_prs.c:(111) > > 272a10 major : 05 > > [1998/10/21 11:08:25, 5] rpc_parse/parse_prs.c:(111) > > [1998/10/21 11:08:35, 5] smbd/uid.c:(343) > > unbecome_user now uid=(0,0) gid=(0,0) > > [1998/10/21 11:09:25, 6] param/loadparm.c:(1743) > > lp_file_list_changed() > > file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf > > last mod_time: Tue Oct 20 15:22:06 1998 > > ========================================= > > > > btw, you guys are doing a great job. keep it up folks. your work does > > not go unappreciated. > > > > regards, > > > > amol > > > > Luke Kenneth Casson Leighton wrote: > > > > > > ok. > > > > > > i got encrypted rpcs in smbd working, tested with "small", i.e only one > > > dce/rpc fragment. i've yet to see an encrypted rpc large enough to fit > > > into more than one dce/rpc fragment. although, i could set the fragment > > > size to something bizarre and small.... hm. > > > > > > ok. testing against a workstation logged in to a samba domain... > > > ctrl-alt-del | change password... password change works! oh yeah! > > > > > > i tried testing earlier by typing in the domain name, i got a UDP SAMLOGON > > > query which i had to fix by always putting the unicode data at the end of > > > the response, but to no avail. it forces an SMBtrans2 password change > > > _not_ a \PIPE\samr one. wierd. there must be something else in there. > > > > > > so, to recap, in one sentence: password changing for nt workstations that > > > are a member of a samba domain now works. > > > > > > luke > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From mblack at csi.cc Thu Oct 22 18:19:58 1998 From: mblack at csi.cc (Mike Black) Date: Tue Dec 2 02:24:37 2003 Subject: [Fwd: NT 4.0 SP4 is actually out] Message-ID: <001f01bdfde8$93f7ea20$32de11cc@mblack.csihq.com> Just thought everybody would like to know... Just started testing NT SP4 against 1.9.18p10 and the latest (as of Oct 22) cvs update for Samba-2.0.0-prealpha and it all seems to work OK so far. P.S. I use encrypted passwords. -----Original Message----- From: Gerald Carter To: Multiple recipients of list Date: Wednesday, October 21, 1998 5:38 PM Subject: [Fwd: NT 4.0 SP4 is actually out] Enjoy. :) -- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From amol at memcad.com Thu Oct 22 18:27:59 1998 From: amol at memcad.com (Amol Karnik) Date: Tue Dec 2 02:24:37 2003 Subject: REPOST : -Re: nt password changing now works. References: Message-ID: <362F792F.CF9FEF9@memcad.com> Luke Kenneth Casson Leighton wrote: > > check the log files. if you have ever changed your password with the > "SMBtrans2" calls, this does _not_ update the NT 16 byte hash it only does > the LM one. the nt password change will then _fail_ because there is no > NT password to decode the new password. > ummm sorry Luke, i have no clue as to what you are saying here! i made a smbpasswd file from the /etc/passwd using the mkpasswd file, and did a smbpasswd and changed my passwd on unix. i do not have a local account on the nt wkstation. how do i fix it, so that i can now roll out the nt wkstations and ask users to login with a std default password, and then do c-a-d to change it to whatever they want? regards, amol From cartegw at Eng.Auburn.EDU Thu Oct 22 18:30:06 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:37 2003 Subject: [Fwd: NT 4.0 SP4 is actually out] References: <001f01bdfde8$93f7ea20$32de11cc@mblack.csihq.com> Message-ID: <362F79AE.B3BAEBC3@eng.auburn.edu> Mike Black wrote: > > Just thought everybody would like to know... > > Just started testing NT SP4 against 1.9.18p10 and the latest > (as of Oct 22) cvs update for Samba-2.0.0-prealpha and it > all seems to work OK so far. > P.S. I use encrypted passwords. Could you try it against the latest CVS code. 1.9.18p10 does support NT SMB's as wellas the PDC stuff. And send packets traces of the stuff that does work? :) Or logs. Thanks, j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From lkcl at switchboard.net Thu Oct 22 19:28:44 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:37 2003 Subject: REPOST : -Re: nt password changing now works. In-Reply-To: <362F792F.CF9FEF9@memcad.com> Message-ID: write a script to wrap smbpasswd command to change everyone's passwords to some default value. or use "migrate passwords = yes". On Thu, 22 Oct 1998, Amol Karnik wrote: > Luke Kenneth Casson Leighton wrote: > > > > check the log files. if you have ever changed your password with the > > "SMBtrans2" calls, this does _not_ update the NT 16 byte hash it only does > > the LM one. the nt password change will then _fail_ because there is no > > NT password to decode the new password. > > > > ummm sorry Luke, i have no clue as to what you are saying here! i made a > smbpasswd file from the /etc/passwd using the mkpasswd file, and did a > smbpasswd and changed my passwd on unix. i do not have a local account > on the nt wkstation. > > how do i fix it, so that i can now roll out the nt wkstations and ask > users to login with a std default password, and then do c-a-d to change > it to whatever they want? > > regards, > > amol > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From lkcl at switchboard.net Thu Oct 22 19:29:30 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:37 2003 Subject: REPOST : -Re: nt password changing now works. In-Reply-To: <362F792F.CF9FEF9@memcad.com> Message-ID: > ummm sorry Luke, i have no clue as to what you are saying here! i made a hey, don't worry: i have no idea either. sorry, i'm a techie. From amol at memcad.com Thu Oct 22 19:03:57 1998 From: amol at memcad.com (Amol Karnik) Date: Tue Dec 2 02:24:37 2003 Subject: REPOST : -Re: nt password changing now works. References: Message-ID: <362F819D.B2C5CFC1@memcad.com> hmm, i did both....still doesnt work. added "migrate passwords = yes" and testparm complained about it being an unknown parameter. then i did a smbpasswd on my username, and changed my password. logged onto the the nt4.0 machine and tried the change my password, still gives the same error. "[1998/10/22 15:07:35, 0] smbd/chgpasswd.c:(737) check_oem_password: old lm password doesn't match" what am i doing wrong here? - amol Luke Kenneth Casson Leighton wrote: > > write a script to wrap smbpasswd command to change everyone's passwords to > some default value. > > or use "migrate passwords = yes". > > On Thu, 22 Oct 1998, Amol Karnik wrote: > > > Luke Kenneth Casson Leighton wrote: > > > > > > check the log files. if you have ever changed your password with the > > > "SMBtrans2" calls, this does _not_ update the NT 16 byte hash it only does > > > the LM one. the nt password change will then _fail_ because there is no > > > NT password to decode the new password. > > > > > > > ummm sorry Luke, i have no clue as to what you are saying here! i made a > > smbpasswd file from the /etc/passwd using the mkpasswd file, and did a > > smbpasswd and changed my passwd on unix. i do not have a local account > > on the nt wkstation. > > > > how do i fix it, so that i can now roll out the nt wkstations and ask > > users to login with a std default password, and then do c-a-d to change > > it to whatever they want? > > > > regards, > > > > amol > > > From lkcl at switchboard.net Thu Oct 22 20:59:24 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:37 2003 Subject: [Fwd: NT 4.0 SP4 is actually out] In-Reply-To: <001f01bdfde8$93f7ea20$32de11cc@mblack.csihq.com> Message-ID: my thanks to andrej for his bug reports and netmon traces over the last few weeks: you would be saying "it's broke!" otherwise, mike :-) On Fri, 23 Oct 1998, Mike Black wrote: > Just thought everybody would like to know... > > Just started testing NT SP4 against 1.9.18p10 and the latest (as of Oct 22) > cvs update for Samba-2.0.0-prealpha and it all seems to work OK so far. > P.S. I use encrypted passwords. From cartegw at Eng.Auburn.EDU Thu Oct 22 20:17:17 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:37 2003 Subject: [Fwd: NT 4.0 SP4 is actually out] References: <001f01bdfde8$93f7ea20$32de11cc@mblack.csihq.com> <362F79AE.B3BAEBC3@eng.auburn.edu> Message-ID: <362F92CD.60ADF8BC@eng.auburn.edu> Sorry to have to follow up on my own braindead post. I just saw 1.9.18p10 and must have gone to sleep without reading the rest of the message. Sorry for the noise. j- Gerald Carter wrote: > > Mike Black wrote: > > > > Just started testing NT SP4 against 1.9.18p10 and the latest > > (as of Oct 22) cvs update for Samba-2.0.0-prealpha and it > > all seems to work OK so far. > > P.S. I use encrypted passwords. > > Could you try it against the latest CVS code. 1.9.18p10 > does support NT SMB's as wellas the PDC stuff. ^^^^ does not > > And send packets traces of the stuff that does work? :) > Or logs. From xmj at cypress.com Thu Oct 22 21:21:48 1998 From: xmj at cypress.com (Matthew Jamison) Date: Tue Dec 2 02:24:37 2003 Subject: Solaris 2.5.1 and gcc Message-ID: <003601bdfe01$fa917120$cd3d54c0@melchizedek.miss.cypress.com> I have gotten the latest CVS code for the last 3 days and every time I run the configure and then run make it crashes on the linking of smbwrapper.so. Has anyone else gotten the latest CVS code to work with Solaris 2.5.1 with gcc? Matthew -------------------------------------------- Matthew Jamison xmj@cypress.com System Administrator Cypress Semiconductor 601-324-4609 (CSDC) -------------------------------------------- -------------- next part -------------- A non-text attachment was scrubbed... Name: Matthew Jamison.vcf Type: application/octet-stream Size: 569 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/19981022/ebe0b40a/MatthewJamison.obj From cartegw at Eng.Auburn.EDU Thu Oct 22 22:02:09 1998 From: cartegw at Eng.Auburn.EDU (Gerald W. Carter) Date: Tue Dec 2 02:24:37 2003 Subject: Re; Solaris 2.5.1 and gcc Message-ID: Matthew, What version of gcc? I am compiling with 2.7.2 and i think it worked with 2.8.1 as well. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From thwartedefforts at wonky.org Thu Oct 22 23:14:00 1998 From: thwartedefforts at wonky.org (thwartedefforts@wonky.org) Date: Tue Dec 2 02:24:37 2003 Subject: NT sending guest username and parameter parsing problem Message-ID: <19981022231400.28664.cpmta@fillmore.criticalpath.net> I'm experiences two problems. First (the more serious one). I experienced this with cvs from 981020. NT Workstations (SP3) seem to be sending 'guest' as the username at times when requesting a list of shares. This makes the %U parameter mostly useless. Take the following example (please!): smb.conf: include = /shares/perms/user.%U [everyone] blah blah [homes] blah blah /shares/perms/user.abakun: [share1] blah blah [share2] blah blah Note that samba is configured to be the domain controller (Everything works; loging in, profiles, logon script, password change (from my initial tests at least)). When I login as abakun, I should see the following shares: abakun everyone share1 share2 Right? When I browse the samba machine, I see these. But sometimes, when I click on share1 or share2, it will tell me that name \\server\share1 couldn't be found, and doing a refresh of the share listing in the explorer window removes share1 and share2. Looking in the debug logs shows that the username that was sent was 'guest', and sometimes I'll see a message to the effect that it couldn't find the file named /shares/perms/user.guest when it checks to reread the configuration files. Now what is interesting is that if I access my homes share first (\\server\abakun) then share1 and share2 seem to stick, but if I access everyone, share1 or share2 before I access \\server\abakun, it seems to go into an unpredictable state whereas I can't determine if my workstation is going to sent 'guest' as the username or the name I actually logged in as when it sends future requests for the share list. I believe this can be forced to happen in a more predictable way if you have guest only shares which are accessed before shares that require validation. Has anyone else noticed this? I was first experiencing this problem when half my machines where in one domain and half were in another, and I figured that once a machine was loging into a domain, and from then on is validated to use resources in the domain, the workstation would consistantly send the entered/validated username for the life of the logon. Now that the only domain that exists is the samba controlled domain, I'm still seeing this behavior. Perhaps there could be a work around in samba, where if a user is logged into the domain, and was previously validated, that username could be used even if the workstation sends guest as the username -- if I remember correctly, the workstation may be sending a null username, and samba is defaulting to guest in that case. I'll have to take a look at the code to verify this, if I can remember where in the code I first saw that happening (I'm still getting familar with the samba code). Second (the less serious one). I experienced this with alpha7. I was trying to configure a custom print command in a printer share, and I had a line similar to the following: print command = /usr/local/bin/doprint %s %p %M "%U" (quotes around %U because some usernames contained spaces) And it was always failing, never even executed doprint. The debug log showed that executing the command was returing 512 (which I figured out later was the result of bash giving a parse error on the command -- this seems to be undocumented in the bash man page). Turns out that when it reads the conf file, it is explictly removing trailing quotes, so it was trying to execute: /usr/local/bin/doprint %s %p %M "%U which voilates shell quoting rules. I fixed this by rearranging the parameters (and thusly changing doprint :) ) so that the parameters I wanted quoted appeared earlier and a non-quoted one appeared last. Quoting from John Blair's Samba book (page 109): Remember that no quotation marks are ever needed. However, for convience, if leading and/or trailing quotation marks are found, they will be dropped. The effects of leading and trailing quotation marks are not mentioned in the man page, except to say that they are not needed. So yeah, this is my fault -- I should have used single quotes (which I think would fix it, since samba only removes double quotes?), but this seems inconsistant. A trailing quote should only be removed if there is a leading quote (after the equal sign). Internal quotes are kept (for passing onto the shell), which is important for things like the preexec and print command parameters. What about internal whitespace in the user map file (where you need to use quotes around multi-word values). What kind of action should happen here? I think I can whip up a patch to make it behave like *I* think it should, but that might not be the right thing (and might break someone's conf file). Andy. From kumpf at igd.fhg.de Thu Oct 22 23:32:53 1998 From: kumpf at igd.fhg.de (Christian Kumpf) Date: Tue Dec 2 02:24:37 2003 Subject: OFF TOPIC - please break your lines... References: <19981022231400.28664.cpmta@fillmore.criticalpath.net> Message-ID: <362FC0A5.E5F5708B@zgdv.de> to something reasonable, preferably 60..70 chars. Lines with a few hundred chars aren't legible anymore. Christian From suprem at mygale.org Thu Oct 22 23:38:13 1998 From: suprem at mygale.org (Remy Bruno) Date: Tue Dec 2 02:24:37 2003 Subject: problem with samba on a NT domain References: <36274123.A044EDD2@mygale.org> Message-ID: <362FC1E5.B4B06EF4@mygale.org> Hi I sent a message few days ago about the problems I had to connect from my linux-samba box to a win95 box. I downloaded the latest version of samba (2.0.0-alpha13), put "security=domain" in smb.conf and now, smbclient works! But smbmount still doesn't work and smbpasswd -j (to "join" the workgroup, I read of it in http://gd.tuwien.ac.at/samba/ntdom_faq/page6.html) doesn't work either and reports: (...) Connecting to 160.228.92.5 at port 139 cli_net_auth2: Error NT_STATUS_NO_TRUST_SAM_ACCOUNT cli_nt_setup_creds: auth2 challenge failed modify_trust_password: unable to setup the PDC credentials to machine REZO. Error was : NT_STATUS_NO_TRUST_SAM_ACCOUNT. 1998/10/22 23:10:21 : change_trust_account_password: Failed to change password for domain REZ. smbpasswd: Unable to join domain REZ. any ideas of what is wrong? thanks Remy BRUNO http://www.mygale.org/~suprem From greg at discreet.com Fri Oct 23 00:04:57 1998 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:24:37 2003 Subject: null usernames? Message-ID: Hi cvs from about 19:00 Oct 22nd. I'm getting alot of these [1998/10/22 19:12:27, 1] passdb/passdb.c:(763) Username is invalid on this system [1998/10/22 19:12:27, 1] passdb/passdb.c:(763) Username is invalid on this system looking in the code it looks like it is trying to look up a username of NULL. I can immediately see to places in rpc_server where it gets called but cannot see where that username could come from. Anyone have an idea? This is really cool, this bleeding edge stuff. You can see it taking shape hour by hour :-) Cheers, Greg ---------------------------------- Greg Dickie just a guy* *from Discreet Logic ---------------------------------- From matthew at janus.law.usyd.edu.au Fri Oct 23 06:53:33 1998 From: matthew at janus.law.usyd.edu.au (Matthew Geier) Date: Tue Dec 2 02:24:37 2003 Subject: NT Service pack 4 Message-ID: <199810230653.QAA13530@janus.law.usyd.edu.au> Well I tried it, and now my machine will not login to the Samba domain - 'System's computer account in the primary domain is is missing or the password is incorrect'. I tried leaving the domain, resetting the machine account passwd (smbpasswd -am ) and rejoining - while it says 'Welcome to the LAW domain', after the reboot I get the above message. From jason at datrix.co.za Fri Oct 23 10:23:39 1998 From: jason at datrix.co.za (Jason Armstrong) Date: Tue Dec 2 02:24:37 2003 Subject: Access permissions Message-ID: Hi I have RedHat 5.1 running latest samba (cvs). Can connect to domain from NT4 machine. My problem: Can't access Registry settings. Example 1: Open System Properties Change something Error message: Cannot open USER Environment section in Registry. Possible registry corruption. Example 2: NT Explorer -> Directory Properties -> Security -> Permissions -> Add Error message: The instruction at "0x778933a" referenced memory at "0x006b006e". The memory could not be "read". Example 3: Trying to open Borland C++ Builder Error message: Unable to open Key: \Software\Borland\C++Builder\3.0\Editor\Highlight Relevant sections from smb.conf: workgroup = PONG domain admin users = jason Administrator domain admin group = jason Administrator security = domain encrypt passwords = yes smb passwd file = /usr/local/samba/private/smbpasswd local master = yes os level = 33 domain master = yes preferred master = yes domain controller = yes domain logons = yes logon path = \\%L\profiles\%U dns proxy = yes [profiles] path = /home/profiles browseable = yes guest ok = no writable = yes I am in the Administrator group, and I have added \\PONG\jason to the Administrator group too. Yet I still do not seem to have sufficient priveleges. And my profile (jason) ie desktop settings etc also doesn't get saved. Thanks for any hints. Jason From heinig at hdz-ima.rwth-aachen.de Fri Oct 23 12:32:29 1998 From: heinig at hdz-ima.rwth-aachen.de (Gerald Heinig) Date: Tue Dec 2 02:24:37 2003 Subject: Two NT domains on same subnet? Message-ID: <3630775D.8C1141C1@hdz-ima.rwth-aachen.de> Hello all, Is it possible to have two different NT domains on the same subnet? ie. two Samba PDCs running on the same subnet, each serving a different domain? Gerald From dave at www.buffalostate.edu Fri Oct 23 11:34:51 1998 From: dave at www.buffalostate.edu (Dave J. Andruczyk) Date: Tue Dec 2 02:24:37 2003 Subject: nt password changing now works. In-Reply-To: Message-ID: > > Are you sure of your statement ? Not anymore, since I heard that the password was decriptable. previously i thought this was not the case.. > > When you change your password, it sent encrypted in a way that the server > can decrypt it, with or without SP3. > Check the readme file coming with the SP3 for NT4 and you will see a > password filter chapter. dave From dave at www.buffalostate.edu Fri Oct 23 11:48:04 1998 From: dave at www.buffalostate.edu (Dave J. Andruczyk) Date: Tue Dec 2 02:24:37 2003 Subject: NT sending guest username and parameter parsing problem In-Reply-To: <19981022231400.28664.cpmta@fillmore.criticalpath.net> Message-ID: > > Right? When I browse the samba machine, I see these. But sometimes, > when I click on share1 or share2, it will tell me that name > \\server\share1 couldn't be found, and doing a refresh of the share > listing in the explorer window removes share1 and share2. Looking in > the debug logs shows that the username that was sent was 'guest', and > sometimes I'll see a message to the effect that it couldn't find the > file named /shares/perms/user.guest when it checks to reread the > configuration files. Now what is interesting is that if I access my > homes share first (\\server\abakun) then share1 and share2 seem to > stick, but if I access everyone, share1 or share2 before I access > \\server\abakun, it seems to go into an unpredictable state whereas I > can't determine if my workstation is going to sent 'guest' as the > username or the name I actually logged in as when it sends future > requests for the share list. I believe this can be forced to happen in > a more predictable way if you have guest only shares which are accessed > before shares that require validation. > > Has anyone else noticed this? I was first experiencing this problem Yep I "sort of" get this problem. The main complaints come for the NT4 SP3 users on another domain. When they connect to my server (which is NOT a PDC, it rus 1.9.18p10), they MUST connect as "\\butler\username%username", in NT's network neighborhood, and MUST leave the "connect as" box empty, and type their password in the normal password field. They DO NOT have to do the above if their NT username matches the username on my server. if the names do NOT match, the "forced user" version is the only way to get your home dir in a Read/Write fashion. depending on permissions the user has set, they wither get a connection with nothing in the window ( no read permission for guest (world)), or a window with no files modifyable (read only) (read permission for guest). Dave From cartegw at Eng.Auburn.EDU Fri Oct 23 11:53:50 1998 From: cartegw at Eng.Auburn.EDU (Gerald W. Carter) Date: Tue Dec 2 02:24:37 2003 Subject: NT Service pack 4 In-Reply-To: <199810230653.QAA13530@janus.law.usyd.edu.au> Message-ID: On Fri, 23 Oct 1998, Matthew Geier wrote: > Well I tried it, and now my machine will not login to the Samba domain - > 'System's computer account in the primary domain is is missing or the > password is incorrect'. > > I tried leaving the domain, resetting the machine account passwd (smbpasswd > -am ) and rejoining - while it says 'Welcome to the LAW domain', after the > reboot I get the above message. Same here. I've got a trace and am going to look at it this morning. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From dave at www.buffalostate.edu Fri Oct 23 11:55:29 1998 From: dave at www.buffalostate.edu (Dave J. Andruczyk) Date: Tue Dec 2 02:24:37 2003 Subject: Two NT domains on same subnet? In-Reply-To: <3630775D.8C1141C1@hdz-ima.rwth-aachen.de> Message-ID: > > Is it possible to have two different NT domains on the same subnet? ie. > two Samba PDCs running on the same subnet, each serving a different > domain? yep. we do it here on our campus.. Each of the workgroups except for 1 are managed by Samba/NT PDC's Workgroup Master --------- ------- BSCLOGON LOGSRVA BSCPRINTERS PRINTSRVR1 BUTLER-LIBRARY BARMAID FINMGT MOCSRV MYGROUP PROFPLUM PUBLICSAFETY PUBSAFE1 TECH-DEPT UHP137 WORKGROUP ICP006 Dave From cartegw at Eng.Auburn.EDU Fri Oct 23 11:59:05 1998 From: cartegw at Eng.Auburn.EDU (Gerald W. Carter) Date: Tue Dec 2 02:24:37 2003 Subject: Two NT domains on same subnet? In-Reply-To: <3630775D.8C1141C1@hdz-ima.rwth-aachen.de> Message-ID: On Fri, 23 Oct 1998, Gerald Heinig wrote: > Hello all, > > Is it possible to have two different NT domains on the same subnet? ie. > two Samba PDCs running on the same subnet, each serving a different > domain? Yes. As long has they have different domain SID's, different workgroup names and different netbios names. Same things as NT. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From ken.mohr at wdc.com Fri Oct 23 12:26:34 1998 From: ken.mohr at wdc.com (Ken Mohr) Date: Tue Dec 2 02:24:37 2003 Subject: NT Service pack 4 In-Reply-To: <199810230653.QAA13530@janus.law.usyd.edu.au> Message-ID: I am running the latests samba grabbed from the cvs sight, which I auto update the source every other day and recompile (depends what fixes were added). I am also running 1 NT workstations and 1 NT server. All which do not have a problem joining or logging out of the domain. Did you try removing the machine name from the password file and then re-adding it? Even with NT as a PDC, there has been known problems with a NT box rejoining the domain to where the account would have to be removed and then readded. Just a thought. Thanks, Ken Mohr On Fri, 23 Oct 1998, Matthew Geier wrote: > Well I tried it, and now my machine will not login to the Samba domain - > 'System's computer account in the primary domain is is missing or the > password is incorrect'. > > I tried leaving the domain, resetting the machine account passwd (smbpasswd > -am ) and rejoining - while it says 'Welcome to the LAW domain', after the > reboot I get the above message. From amol at memcad.com Fri Oct 23 12:39:55 1998 From: amol at memcad.com (Amol Karnik) Date: Tue Dec 2 02:24:37 2003 Subject: NT Service pack 4 References: <199810230653.QAA13530@janus.law.usyd.edu.au> Message-ID: <3630791B.C3B034D9@memcad.com> i've seen this a few times, when you reinstall NT on a machine. Even though the machine had an earlier valid entry in smbpasswd, after a reinstall, with the same name, ip etc, it cant join the samba domain, unless you delete the entry and do a smbpasswd -a -m machinename again. - amol Matthew Geier wrote: > > Well I tried it, and now my machine will not login to the Samba domain - > 'System's computer account in the primary domain is is missing or the > password is incorrect'. > > I tried leaving the domain, resetting the machine account passwd (smbpasswd > -am ) and rejoining - while it says 'Welcome to the LAW domain', after the > reboot I get the above message. From lkcl at switchboard.net Fri Oct 23 15:57:50 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:37 2003 Subject: NT sending guest username and parameter parsing problem In-Reply-To: <19981022231400.28664.cpmta@fillmore.criticalpath.net> Message-ID: On Fri, 23 Oct 1998 thwartedefforts@wonky.org wrote: > I'm experiences two problems. > > First (the more serious one). I experienced this with cvs from 981020. > > NT Workstations (SP3) seem to be sending 'guest' as the username at times when requesting a list of shares. This makes the %U parameter mostly useless. Take the following example (please!): it's not nt wkstas, it's samba. and no, there isn't really a good solution. i've seen this happen with win95 too. From xmj at cypress.com Fri Oct 23 16:22:13 1998 From: xmj at cypress.com (Matthew Jamison) Date: Tue Dec 2 02:24:37 2003 Subject: Solaris 2.5.1 compiling problem solved and other questions. Message-ID: <000001bdfea1$4b7524c0$cd3d54c0@melchizedek.miss.cypress.com> After working looking at the make file I changed my path to use the ld that came with my cc from sun and this solved my problem. I now have some more questions. First off the size of my executable are huge! before on the older version the whole samba directory took up about 5Mb with all the log files. Now it takes up 60Mb. What happened? Also I have been trying to set it up as a primary domain controller and when I run the NT Server Manager it shows my samba system as a Windows NT Backup controller. Is this normal? Also when I try to use the user manager it complains about "Could not find domain controller for this domain." It is almost like it is truly using it as a backup instead of a primary. Any suggestions or recommendations? Matthew -------------------------------------------- Matthew Jamison xmj@cypress.com System Administrator Cypress Semiconductor 601-324-4609 (CSDC) -------------------------------------------- From lkcl at switchboard.net Fri Oct 23 17:51:28 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:37 2003 Subject: null usernames? In-Reply-To: Message-ID: greg, this is in the lsa lookup names code: i haven't looked at that yet, properly. On Fri, 23 Oct 1998, Greg Dickie wrote: > > Hi cvs from about 19:00 Oct 22nd. > > I'm getting alot of these > > [1998/10/22 19:12:27, 1] passdb/passdb.c:(763) > Username is invalid on this system > [1998/10/22 19:12:27, 1] passdb/passdb.c:(763) > Username is invalid on this system > > looking in the code it looks like it is trying to look up a username of NULL. I > can immediately see to places in rpc_server where it gets called but cannot see > where that username could come from. Anyone have an idea? From lkcl at switchboard.net Fri Oct 23 17:54:43 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:37 2003 Subject: NT Service pack 4 In-Reply-To: <199810230653.QAA13530@janus.law.usyd.edu.au> Message-ID: hey, what you reckon they changed the "NetSrvPasswdSet" function? On Fri, 23 Oct 1998, Matthew Geier wrote: > Well I tried it, and now my machine will not login to the Samba domain - > 'System's computer account in the primary domain is is missing or the > password is incorrect'. > > I tried leaving the domain, resetting the machine account passwd (smbpasswd > -am ) and rejoining - while it says 'Welcome to the LAW domain', after the > reboot I get the above message. > > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From cartegw at Eng.Auburn.EDU Fri Oct 23 17:09:50 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:37 2003 Subject: Solaris 2.5.1 compiling problem solved and other questions. References: <000001bdfea1$4b7524c0$cd3d54c0@melchizedek.miss.cypress.com> Message-ID: <3630B85E.DBBDE7EB@eng.auburn.edu> Matthew Jamison wrote: > > questions. First off the size of my executable are huge! remove the -g from the CFLAGS in Makefile. Its the debugging info. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From cartegw at Eng.Auburn.EDU Fri Oct 23 17:21:43 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:37 2003 Subject: problem with samba on a NT domain References: <36274123.A044EDD2@mygale.org> <362FC1E5.B4B06EF4@mygale.org> Message-ID: <3630BB27.79EF05E7@eng.auburn.edu> Remy Bruno wrote: > > (...) > Connecting to 160.228.92.5 at port 139 > cli_net_auth2: Error NT_STATUS_NO_TRUST_SAM_ACCOUNT ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Did you create a machine account on the PDC for the samba box? > cli_nt_setup_creds: auth2 challenge failed > modify_trust_password: unable to setup the PDC credentials to machine > REZO. Error was : NT_STATUS_NO_TRUST_SAM_ACCOUNT. > 1998/10/22 23:10:21 : change_trust_account_password: Failed to change > password for domain REZ. > smbpasswd: Unable to join domain REZ. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From leemc at cdf.toronto.edu Fri Oct 23 19:18:37 1998 From: leemc at cdf.toronto.edu (Matthew Lee) Date: Tue Dec 2 02:24:37 2003 Subject: REPOST : -Re: nt password changing now works. Message-ID: <98Oct23.151849edt.25627@marvin.cdf.toronto.edu> > hmm, i did both....still doesnt work. > > added "migrate passwords = yes" and testparm complained about it being > an unknown parameter. > > then i did a smbpasswd on my username, and changed my password. > logged onto the the nt4.0 machine and tried the change my password, > still gives the same error. > > "[1998/10/22 15:07:35, 0] smbd/chgpasswd.c:(737) > check_oem_password: old lm password doesn't match" > > what am i doing wrong here? Yes, I'm seeing exactly the same problem, even if I begin with a freshly created account. Matthew Luke Kenneth Casson Leighton wrote: > > write a script to wrap smbpasswd command to change everyone's passwords to > some default value. > > or use "migrate passwords = yes". > > On Thu, 22 Oct 1998, Amol Karnik wrote: > > > Luke Kenneth Casson Leighton wrote: > > > > > > check the log files. if you have ever changed your password with the > > > "SMBtrans2" calls, this does _not_ update the NT 16 byte hash it only does > > > the LM one. the nt password change will then _fail_ because there is no > > > NT password to decode the new password. > > > > > > > ummm sorry Luke, i have no clue as to what you are saying here! i made a > > smbpasswd file from the /etc/passwd using the mkpasswd file, and did a > > smbpasswd and changed my passwd on unix. i do not have a local account > > on the nt wkstation. > > > > how do i fix it, so that i can now roll out the nt wkstations and ask > > users to login with a std default password, and then do c-a-d to change > > it to whatever they want? > > > > regards, > > > > amol > > > From leemc at cdf.toronto.edu Fri Oct 23 19:48:00 1998 From: leemc at cdf.toronto.edu (Matthew Lee) Date: Tue Dec 2 02:24:37 2003 Subject: REPOST : -Re: nt password changing now works. Message-ID: <98Oct23.154810edt.25628@marvin.cdf.toronto.edu> [Amol wrote:] > > hmm, i did both....still doesnt work. > > > > added "migrate passwords = yes" and testparm complained about it being > > an unknown parameter. > > > > then i did a smbpasswd on my username, and changed my password. > > logged onto the the nt4.0 machine and tried the change my password, > > still gives the same error. > > > > "[1998/10/22 15:07:35, 0] smbd/chgpasswd.c:(737) > > check_oem_password: old lm password doesn't match" > > > > what am i doing wrong here? [I wrote:] > > Yes, I'm seeing exactly the same problem, even if I begin with a > freshly created account. Hmmm, however, I can change a non-null password to a null password via ctl-alt-del. Matthew From matthew at janus.law.usyd.edu.au Fri Oct 23 21:15:53 1998 From: matthew at janus.law.usyd.edu.au (Matthew Geier) Date: Tue Dec 2 02:24:37 2003 Subject: Two NT domains on same subnet? In-Reply-To: <3630775D.8C1141C1@hdz-ima.rwth-aachen.de> from "Gerald Heinig" at Oct 23, 98 09:40:26 pm Message-ID: <199810232115.HAA09654@janus.law.usyd.edu.au> > Is it possible to have two different NT domains on the same subnet? ie. > two Samba PDCs running on the same subnet, each serving a different > domain? > Ive for some time run two 'win95' domains on the same subnet, and im about to but nt-domain support on the other server. A staff and 'student' server on the same network. From lkcl at switchboard.net Fri Oct 23 22:46:43 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:37 2003 Subject: domain group and local group API needed Message-ID: in the spirit of the "Re: password API needed", let the fun and games begin again, this time on domain and local groups, respectively. starting with structures like these: /*** query a local group, get a list of these: shows who is in that group ***/ /* local group member info */ typedef struct local_grp_member_info { DOM_SID sid ; /* matches with name */ uint8 sid_use; /* usr=1 grp=2 dom=3 alias=4 wkng=5 del=6 inv=7 unk=8 */ fstring name ; /* matches with sid: must be of the form "DOMAIN\account" */ } LOCAL_GRP_MEMBER; /* enumerate these to get list of local groups */ /* local group info */ typedef struct local_grp_info { fstring name; fstring comment; } LOCAL_GRP; /*** enumerate these to get list of domain groups ***/ /* domain group member info */ typedef struct domain_grp_info { fstring name; fstring comment; uint32 rid; /* group rid */ uint8 attr; /* attributes forced to be set to 0x7: SE_GROUP_xxx */ } DOMAIN_GRP; /*** query a domain group, get a list of these: shows who is in that group ***/ /* domain group info */ typedef struct domain_grp_member_info { fstring name; uint8 attr; /* attributes forced to be set to 0x7: SE_GROUP_xxx */ } DOMAIN_GRP_MEMBER; From aperrin at demog.Berkeley.EDU Fri Oct 23 22:54:29 1998 From: aperrin at demog.Berkeley.EDU (Andrew Perrin - Demography) Date: Tue Dec 2 02:24:37 2003 Subject: compile problems Message-ID: Can't compile under Solaris 2.6 (sparc) using gcc, with version downloaded today Oct. 23 at about 15h00 Pacific time: lots of the following warning, In file included from include/includes.h:224, from smbwrapper/smbsh.c:22: /usr/include/sys/vfs.h:164: warning: `struct statvfs64' declared inside parameter list /usr/include/sys/vfs.h:164: warning: its scope is only this definition or declaration, /usr/include/sys/vfs.h:164: warning: which is probably not what you want. then: smbwrapper/smbw.c:1402: warning: `struct stat64' declared inside parameter list smbwrapper/smbw.c: In function `stat64_convert': smbwrapper/smbw.c:1404: dereferencing pointer to incomplete type smbwrapper/smbw.c:1405: dereferencing pointer to incomplete type smbwrapper/smbw.c:1406: dereferencing pointer to incomplete type smbwrapper/smbw.c:1407: dereferencing pointer to incomplete type smbwrapper/smbw.c:1408: dereferencing pointer to incomplete type smbwrapper/smbw.c:1409: dereferencing pointer to incomplete type smbwrapper/smbw.c:1410: dereferencing pointer to incomplete type smbwrapper/smbw.c:1411: dereferencing pointer to incomplete type smbwrapper/smbw.c:1412: dereferencing pointer to incomplete type smbwrapper/smbw.c:1413: dereferencing pointer to incomplete type smbwrapper/smbw.c:1414: dereferencing pointer to incomplete type smbwrapper/smbw.c:1415: dereferencing pointer to incomplete type smbwrapper/smbw.c:1416: dereferencing pointer to incomplete type smbwrapper/smbw.c: At top level: smbwrapper/smbw.c:1421: warning: `struct dirent64' declared inside parameter list smbwrapper/smbw.c: In function `dirent64_convert': smbwrapper/smbw.c:1423: dereferencing pointer to incomplete type smbwrapper/smbw.c:1424: dereferencing pointer to incomplete type smbwrapper/smbw.c:1425: dereferencing pointer to incomplete type smbwrapper/smbw.c:1426: dereferencing pointer to incomplete type gmake: *** [smbwrapper/smbw.po] Error 1 --------------------------------------------------------------------- Andrew J. Perrin - aperrin@demog.berkeley.edu - NT/Unix Admin/Support Department of Demography - University of California at Berkeley 2232 Piedmont Avenue #2120 - Berkeley, California, 94720-2120 USA http://demog.berkeley.edu/~aperrin --------------------------SEIU1199 From thwartedefforts at wonky.org Sat Oct 24 20:10:24 1998 From: thwartedefforts at wonky.org (thwartedefforts@wonky.org) Date: Tue Dec 2 02:24:37 2003 Subject: NT sending guest username and parameter parsing problem Message-ID: <19981024201024.19265.cpmta@fillmore.criticalpath.net> >> NT Workstations (SP3) seem to be sending 'guest' as the username at times >> when requesting a list of shares. This makes the %U parameter mostly >> useless. Take the following example (please!): > > it's not nt wkstas, it's samba. and no, there isn't really a good > solution. i've seen this happen with win95 too. Right. I said that wrong. NT wrkst is sending a blank username, which samba interpretes as guest. Looking at the code in smbd/reply.c, approx line 582, in function reply_sessetup_and_X, I see this block of code: /* If no username is sent use the guest account */ if (!*user) { pstrcpy(user,lp_guestaccount(-1)); /* If no user and no password then set guest flag. */ if( *smb_apasswd == 0) guest = True; } strlower(user); /* * In share level security, only overwrite sesssetup_use if * it's a non null-session share. Helps keep %U and %G * working. */ if((lp_security() != SEC_SHARE) || *user) pstrcpy(sesssetup_user,user); reload_services(True); The first if statement, by checking for no username and always setting it to guest, makes the second if always succeed because *user is always true. I'm not sure what the comment before the second if is saying. The assignment to sesssetup_user is being done so that the username that was sent is being used by the reload_services call, but should that be done when security is SEC_SHARE? I have a feeling the second if should be: if((lp_security() == SEC_SHARE) && *user) or if((lp_security() != SEC_SHARE) && *user) (depending on how you interprete the comment) or the reload_services call could be moved up between the two ifs (but then in share level security, 'guest' won't be used in the call to reload_services, if that is what you want), or these two ifs should some how change position. I'm still trying to figure out how to move things around and change the conditions to get the effect I think is needed. These are the conditions I'm trying to end up with: - sesssetup_user should be set to something meaninful (non-guest if possible) before calling reload_services. - sesssetup_user should not be an empty string (otherwise %U expands to nothing). - sesssetup_user should keep it's value if it's not empty and no username was sent by the client. - sesssetup_user should get the value of user if sesssetup_user is the guest account and a non-guest account was sent by the client. - can't set sam_logon_in_ssb to true because sometimes samlogon_user isn't set (like after a reconnection when smbd is killed). Although, my impression is that as long as the server is up and connections are maintained throughout the life of a client logon, then samlogon_user should contain the username of the user who logged on. Did I miss anything? During my tests, I've noticed that in reply_sesssetup_and_X conn is always NULL. When does conn get a value? There are some fields in it that I wanted to take a look at, but it seems to go unused. As a side note, where is the option 'security = domain' documented? I can't figure out exactly what it does. The man page only documents share, user, and server, and an examination of the files in docs/ doesn't give any usefull information. As an educated guess, does it implement trust relationships for a samba server being a member of a domain, and if so, how is that different than security = server (other than requiring a machine account in the domain). Andy. thwartedefforts@wonky.org From twinders at SPC.cc.tx.us Sun Oct 25 04:54:58 1998 From: twinders at SPC.cc.tx.us (Tim Winders) Date: Tue Dec 2 02:24:37 2003 Subject: rpcclient help Message-ID: I have 2.0.0alpha installed on a DU box. This is called the SPC domain. I also have a domain of NT only boxes called STUDENT. I administer both domains. Is there a way to use rpcclient from my samba box to change a users password in the STUDENT (non samba) domain? I will not know the existing password, I will want to reset it to something different. Thanks... === Tim --------------------------------------------------------------------- | Tim Winders, CNE, MCSE | Email: TWinders@SPC.cc.tx.us | | Network Administrator | Phone: 806-894-9611 x 2369 | | South Plains College | Fax: 806-897-4711 | --------------------------------------------------------------------- From suprem at mygale.org Sun Oct 25 22:40:54 1998 From: suprem at mygale.org (Remy Bruno) Date: Tue Dec 2 02:24:37 2003 Subject: problem with samba on a NT domain References: <36274123.A044EDD2@mygale.org> <362FC1E5.B4B06EF4@mygale.org> <3630BB27.79EF05E7@eng.auburn.edu> Message-ID: <3633A8F6.353D0072@mygale.org> Gerald Carter wrote: > > Did you create a machine account on the PDC for the > samba box? > yes naturally, I've an account on the NT server, not especially for the samba box, but for a win95 box, but this shouldn't cause any problems thanks to samba!!?? Remy BRUNO http://www.mygale.org/~suprem e-mail: suprem@mygale.org From D.Bannon at latrobe.edu.au Sun Oct 25 21:40:40 1998 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:24:37 2003 Subject: Access permissions In-Reply-To: Message-ID: <3.0.3.32.19981026084040.00752e0c@bioserve.biochem.latrobe.edu.au> At 08:26 PM 23/10/1998 +1000, Jason Armstrong wrote: > >My problem: Can't access Registry settings. > Could it be that you have copied profiles between users. The NTUSER.DAT file includes (internally) a list of who can access it. If someone not on that list tries to use it because its in their profile directory, NT acts that way. Seems to work OK but no user settings possible. David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From lkcl at switchboard.net Mon Oct 26 16:45:56 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:37 2003 Subject: rpcclient help In-Reply-To: Message-ID: On Sun, 25 Oct 1998, Tim Winders wrote: > I have 2.0.0alpha installed on a DU box. This is called the SPC domain. > I also have a domain of NT only boxes called STUDENT. I administer both > domains. Is there a way to use rpcclient from my samba box to change a > users password in the STUDENT (non samba) domain? I will not know the > existing password, I will want to reset it to something different. rpcclient -S STUDENT_PDC -U user Password: user's password smb> ntpass New Password (ONLY ONCE!): changed smb> quit answer, yes. sorry, you will need to know the old password. From twinders at SPC.cc.tx.us Mon Oct 26 17:16:59 1998 From: twinders at SPC.cc.tx.us (Tim Winders) Date: Tue Dec 2 02:24:37 2003 Subject: rpcclient help In-Reply-To: Message-ID: Thanks, Luke. This will be helpful for the future, but doesn't help my SPECIFIC problem. I was hoping to avoid User Mangler to go in and reset a user password. Is that something that could be easily implemented? On Mon, 26 Oct 1998, Luke Kenneth Casson Leighton wrote: > On Sun, 25 Oct 1998, Tim Winders wrote: > > > I have 2.0.0alpha installed on a DU box. This is called the SPC domain. > > I also have a domain of NT only boxes called STUDENT. I administer both > > domains. Is there a way to use rpcclient from my samba box to change a > > users password in the STUDENT (non samba) domain? I will not know the > > existing password, I will want to reset it to something different. > > rpcclient -S STUDENT_PDC -U user > Password: user's password > smb> ntpass > New Password (ONLY ONCE!): > changed > smb> quit > > answer, yes. sorry, you will need to know the old password. > > === Tim --------------------------------------------------------------------- | Tim Winders, CNE, MCSE | Email: TWinders@SPC.cc.tx.us | | Network Administrator | Phone: 806-894-9611 x 2369 | | South Plains College | Fax: 806-897-4711 | --------------------------------------------------------------------- From lkcl at switchboard.net Mon Oct 26 18:49:18 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:37 2003 Subject: rpcclient help In-Reply-To: Message-ID: On Mon, 26 Oct 1998, Tim Winders wrote: > Thanks, Luke. This will be helpful for the future, but doesn't help my > SPECIFIC problem. I was hoping to avoid User Mangler to go in and reset a > user password. Is that something that could be easily implemented? from what i've seen (user details changing in usrmgr) there are some specific locations that look totally garbled. i _think_ they may be unicode strings but they are pretty wierd unicode string contents. interestingly, the "comments", e.g "description of user" is not encrypted... luke From schmieta at rutcor.rutgers.edu Mon Oct 26 18:53:42 1998 From: schmieta at rutcor.rutgers.edu (Stefan Schmieta) Date: Tue Dec 2 02:24:37 2003 Subject: USERMGR.EXE and samba PDC Message-ID: <199810261853.NAA03562@minkowski.rutgers.edu> Despite some encouraging messages about User Manager on this list, I still can't use it to connect to my samba PDC running the latest alpha code (CVS update at 12pm EST). User Manager complains that an RPC call failed and rpcclient complains about "cli_pipe: return critical error. Error was code 0" when I try an "enumusers -g -u". Attached is a debug 100 log of rpcclient and the server side logs of rpcclient -S neumann lsaquery enumusers -g -u Stefan -------------- next part -------------- A non-text attachment was scrubbed... Name: logs.tar.gz Type: application/x-gzip Size: 15726 bytes Desc: logs.tar.gz Url : http://lists.samba.org/archive/samba-ntdom/attachments/19981026/dd6ffb54/logs.tar.bin From peloy at ven.ra.rockwell.com Mon Oct 26 20:19:50 1998 From: peloy at ven.ra.rockwell.com (peloy@ven.ra.rockwell.com) Date: Tue Dec 2 02:24:37 2003 Subject: Current CVS code makes NT4SP3 crash at logon Message-ID: <712lh6$b58$1@zeus.ven.ra.rockwell.com> Hi, just wanted to let you know that the current CVS code (checked out about 10 minutes ago) makes Windows NT Workstation 4 with SP3 crash while logging into the Samba PDC. I get the Blue Screen of Death and then must restart the workstation. Going back to an old version of Samba (Oct. 21, I think) brings everything back to normal. peloy.- From schmieta at rutcor.rutgers.edu Mon Oct 26 21:04:34 1998 From: schmieta at rutcor.rutgers.edu (Stefan Schmieta) Date: Tue Dec 2 02:24:38 2003 Subject: USERMGR.EXE and samba PDC (2nd try) Message-ID: <199810262104.QAA03807@minkowski.rutgers.edu> Despite some encouraging messages about User Manager on this list, I still can't use it to connect to my samba PDC running the latest alpha code (CVS update at 12pm EST). User Manager complains that an RPC call failed and rpcclient complains about "cli_pipe: return critical error. Error was code 0" when I try an "enumusers -g -u". Attached is a uuencode debug 100 log of rpcclient and the server side logs of rpcclient -S neumann lsaquery enumusers -g -u Stefan Schmieta begin 600 logs.tar.gz M'XL("$G"-#8``VQO9W,N=&%R`.Q=;7/:2+:>S_LKNO9.U65J$RRU7J&&J7(P MGDE-;&?CI';V)BZM`($U!HE(PD[FP_[V>TYW"X21A(2:D,F82FP0\M.G3Y\^ M?=ZZ-0NG[:UC!,W(N2[>'0[][W$+;HO"L/D2]#SA5_OU4['/E&5$VH2 M5>MJ>E=1GQ'SABSNTPQBTND0LTH%IH1*M/E9'0:Q7B`*DSDB\'(V\.)XL9Q+IHE^` MKG2D(F\Q^PQH[+<3+[R1[\Y:JLY&R`]\D(=XZB2?%UY/^62K[--DYDYC^%@T M%N8&G0^1GWA.#*1Y24OM4";'&Q?-9_H/>T&9N5!P)4P\HA=`JLH&9N2Y8P=8 MXB:/5^,IOV[/5[VE-KD\*D$O\^\<9GY9@[O5?8^<1Y&2:]( M8`L;5%<-#D>CGDH[U61JO)POG+&;N"W=,MDL?P^:ZX8HE!@*T35"X>>`Z`8Q M=&)8A.CGQ*!$?X%?P!WX_ISH\$7[=9]<#M[^BUR]^96\?G/U.N&AC_)F],+HK:5-FE?O.R_N;J^VI\` M"K?H)G;Y4?>Q'=Y]0]N@3`,;Y?PM8\`5>?/K-5)2I+0K$*#A$"CY?64,SR.. MM$7/R94@97\"=.3`^69?-='7E+(^&Z$!(Y&]P:&_)EI;`4I>G5Y>G%[N3X`! MMV3'731XAA?951!0FW%>P??\#C;^[5<7*FG3WQ2%MMO[$V"B$&K$5(EY1DR* M;P09T%'!_&T.7*-%T&Y?DK>D*0[R.+:7@WB!S\9W3IB96GI"F4ZC%U=K3?7%R\";PI_ ME)`6Z$^BZ4K1$IRV(.Y?V0KB:6Z2^B2 M&_D-"=V4ZHI457R9EK2#=(D+^F'8!7.93^4#8+.Y6H3[K?D[WUI_=HV[KC!K MYMJ;@2N7'?;+5#/CO-OA3_62'XR]3SVS@;G:41M:JZIF'M5>5:W: M!BM-6[Q_N'^OW/1,TE(^F46ZO2*.>@.VKZUHB*5116L(1V]ZU&"$`8L:8FG0 M10-H0[3S\\9P.I)F<+"&4,9-CU'5E"13(K6#3"TI.P8\[)=:`]`URUB'5;N(770?ZG@4UQ=G+Z\+/0DZD?M.H:\L!U@B;A=QSA\X$XM M"N1("-Q918MV[<`=S0;N:%'@HU+@#CJ\80II?Z[`G5J[\UN&D*QE796TK,-2 M`$Z!PI86O?E2#"L!6SZ;+BFP!L"0L$7=:(H%^E_3%8Y5&.&O;@5)83M:0&SY M5>WFQH\4BCJ2<-#JD0,D2\31W-D7:&.M-HJ2%A77:D,EQCGI#,BI1NQS,A@0 ML)E>]`DY,\FY@0%`6R6*210#5U7%(N2?3IN]"/]UU2#DR=9JB]BG^//LE)@* M4:!U1@:+LL,_.XU(<\-!)>3G]L_M_R`!U_U?+EX.WIXVB[LK2KY=@H;)MB$! M]Y&VL%+(&3<;WC6+NYL#8G:(93/X3`!81(!S7H'_J8W!).(6,7__V&<,;V.P M%Q:_50Y_/DJ4I@".&XR=WV#U9GT]"^>N'_3>IQ8>8]T-(9=N`A;)U77O_3OH MUHWX_,H-+ERXNS1D5K%]BR_VJWYU`W?N`;20GK]*0`ZE<>'&\7AXPG]!?\#. MC%RP-:=>`BTM'H`S+557.+_<""1C^)D@N[HD+4[9C8Y(+I>YQ(T0&!FP>/"" MI*4S2V[K>I>$"R_`DH=\7BTB_Q[H3*$?QL5*+&6%KI:$QP]&Q"+R[L*% M*^124>RB2,HAB9BY#Y$7_+'6$<>8'&-_Z`I5:=#.,2@(9Z"PQ5`8BGF,F;'P MO>C>"[QTR3#+LA8'H^+6C6#!'7,B.M0L24(=3D^!/90(?8VEM<>@(0%MO1RM MI@4]!@UWX=1-5TYJ:L<@81@MTQ5#4^E15JW?)Y$;C,)4'+3C6%+PUO[=G;]:M`R;'H.*813>IYR@G:/HZH\K[:!W M"HOK#VO<+\&8#-*98>C'4%$+?[92D4>Q9OW?_506;?,HR]4\#KRQ[]ZE?#B* M59_&7U)IT`OU9.5`C\&RC9-P&8PKQWFLG"YZP7BCBS8+N#VZVB6C61AC811V M+XS&+-13%+_4T_BEN!F#29@6$Q^=\*ZE=5C&L7\+9CZR[?KB10;[,=MV%%Z5 MM*.K++H'!NP,$XX>C-3(\^^]HAA4!=)UJJ8Q_,SE[KHOEV_)Q9F^ZDZ3EEB> M]Q$>=`8:(A,71J`)N+8Y`J\N9%&M,\E\A">H9OMWO'$AX59^W!:$X=X?><%R M/O0BF(6&+6*V&U^`E(;+V3CXWP3$$Z;%#O'1\MMRQV/G-IQ[+54(#UQ`!N$U M\(Q!@)(0YG8*3MR$G$3+9!1&)TO]9'>;6_QCX>YI%"X7,581,.%*P?V8^`'1 M"?^ZBU'B9T1Y!K:>8NBH+8H,OIR&(F_JQZ!*G'M00BU`P)96^HBD7\,L3T*F M3RHP<%<;K#?]F>=&R,*Q-W&7LP2:LA1W5"N6Y`4M(\,P'#068:'.@D*#;[+.0$H.5B\R#JOF8(W\ M'*#8!4+9AA.^)T-LB'DG,H!DZ!+:5@KKBBOF8.D9L11B06L&:[J/'TT[S4!N MIT?)\P5.P,4M<44RM%D.EI>!U2G;$@E$B25;=G[)%MVG9,M>E6SEAS:HS)(M M,W=F4BD56]JD`+MVQ9:6J=C*#\;2:JK4U#95J2&_7JN4DL:*--=N+VNRIB*M M#E6N2*OCE"O2ZCA::=%T*=(6;44'G]?&?V.UH"+W$/@_8%YUT MNZK.]%3[PX?+P;N+4W)Y^>'EZ_[WN7Y-.0$;13$I?.7M<-!HOB[,G:M5BT'` M)`UVU('0M46_:6OAWPHS2^/3]V=0-6,/C6VN:8#F`D3*N>2.!+W,\G?XQQ;E M.ZQ.9[/P`6RU]>D)9!*%DI5*[;;8MI9U?N$=S+5%W MF=R&D1][SBR<^@%8BZP;I_W^X/7;P5F7W(-JAM$#(M`&#N^(&Y,@#)Y/T8S< MT8YP.Z"9N7OG9<^`T&QF5O?Y%7`P0&."$7^2S!?%TX)A`A6`-_1`,WH.NK\M MVF%+7>82DMIK*<^8Q?X#F>(G=`G@?PEK,C+;OSWSHY:JJ1WN%H,_@]9^"7G5 M_OY1S4>EKBZ#;&S<1'&XR'MLB*ZB^_V'AW=9M(GI&Q#LE)1Q.X(`)3Q M[U$L-H(1I(44L1%XQDA"YN^<9OGE3MEIQBMW^*05!/3\Q>A[UGJOS!6KN/;J MG89K;Q4WIOKJJ^ZQ^A892W_JU5?*JIGKWU9?-+-K5K7U"]>LLG6KO@UOY&_T MVEE%+2 M6(OD!]_+VJRI1JI#E:N1ZCALUP7?:&@5[+FH#H:6O*'Q';:-P71)/2S?=EH= MIWS#174J->83E27EM(&4[[8NMVVHPAAYGX6E66C!'&/H])\(QL M_K==Q_[`-O8IUR%(VU\'+,".H5BE6M)E4^=-@F5E]D.@:"?4MNW6`\\V!"X7[; M3.-E%D2-Q@TFYF':X;C+T\*"@D6PG/>PZ1WS9SV`XEP<,0/3+5X=YEKD?=== MMTUZJ;PT\%Q493/]4-]UJ1(".:SSHGV3S@M5]/0PDN;.B\;-*-5Z\ET*?1+($?(>O4@-(EH!360).90DXE27@5):`4UD"KLD2 M<&VW)UX#C%8YAJ\&'@@YL[WRRY5*@38<\MP:"6.?K(N*)ND^8'EI%P03>1=V7D[C\H&_FL`Z.G3@)W8.@!ZJ=* M26GLON3O[*X^@Z19>#<]BRD)/?^\I!HJ4);BN@&V\3.4'N=7S7_A!;C3_^-]Z'@RU M3;ZZ8R"KX:)L%^G3ZF%R8U5^8>!'13S%0L$CO/#G"_RI*ND7'UZ_?#WXL#K. M*_\)!N4$9"L7L?C#%M@*.\YK38`&[9KBY^H.TOXE/4],P2<)-"%`'.>U:C1+ M!OZR;'QLA:83,.[XS_X9676O7ZYXC0L5,IPU_7?> M[-^A-6B8)6Y^R*)TR:*K?%(U$Q8$ML?6"2<3$*4N0=NPG`L@>K%WPGXZBXC[ M);$S]H;+:4MCI+$'S2ELO?)#QIO;<50T>TM1EWZ0V"U59:X)OCRJ`?+<_1V& M#E]=DG_^P;[`?K`&+G)^]P%>W"7L*7`,.+?6;D]@]C"YQA1KM*5JG4^Z)(Q+"KC51:X3?3\G5%<:U1NSC(+FN,K MC5!;SW]:?XYC&7I!?:P7G&A8I!K,JL#XR@J;,#EAO'FWES+TCBJO.CWMP>A4'B?4K8 M%&PVNW/4*9(??PX2]Q.6(1027E\R)UG)]"?NR-M_08Q;[$#PQR.+MB'32MLN MS&A,W"'Q)CDNAULX_?86,=`^,2OYV2%@M;D(G?ER7$3?:XR^E^T2;TC4$1EQ M7VE"/.8KH:LT7+M*A^9BB8U?5>L;JE&@]7$'$RPQ\2(,8J]-X,:#&(%.L3JN M+0PYX'*5_5`YJ+)?P1]&V3/XZLJ^/OOM+/O=,?`_3O:W\HL8!$8^OQ;: M!M[PW'-W#]87#4'RP3QW0?FFY[Y7O*@(^S">.\>NY[EG`G"C<"'BI@X/O+*Z M81;55@U6'UY\1U?$:M\K[;9RPW0'OC7MW&=*5$W0T\TGR==/T%>I,#YPBKYD M;+]PBMX4CY'Z>E+T4G#TFQ[?4Z4US=!*S,]+XK4EK6]?08Y^([UKYIZU5SV] MN\[B]F%=R61Q,>VJYZ5=UZF],TGIW?PLKJ!)>9R!7F5UD1)FDC=+[V[L`]/P M7X:`[;ROPO>!@0L@(\&MB2%(,[?93.M&JC6;:268T5T_,.L?[5^:I7>SF=MJ MF=;_L-;EE?O1PFFY1[D?@*7E?OF';LLM]].*BLROV>ROV^MG(_2:+]5.[W1>W!"N5^RJ:A*+_< M3^MG["V:(8#J6^:8"=;0CZE!^GU3`G+*_38XH-I;!*06L1P.I/9@WK_B+]8F M>6,"]&T.5'BUR^S!OUS%G:D\5=P]5=S])2ONQC8='29NSX$/$+=GP!MQ>YG` M!XG;*VS/LG+B]E$Q73BV:]Q$+[602#[2'`.[C MTVT$[;(2)IPYJW(HF9E:CATR799.3J7(R=Y==RB*%UNF+9[SC0M@MM*P\CJ3 M0<9OA"YN6?P,F4>7N^Q"D$`;#C^E!Y2VB8;"X_M>79\Z5Z\'EZ^O7KWL_UN* M<-FX$J%P?11'!X4S20E@H2V22-AJLNOL.'[\.4Z\N<.?^*0H1M$8[9.B%YP) MA[\[;M*@:F0[,=69T%&4RB6"SIT2&*2Y0A449$`1/:(\H$(P^JBF6J MJB9)$PARXL1-EO%.$4`GNN(R8^NI"P>>U\;B4K([W8CX/]3!5#J2>QE>'[C%4"RRF*/4@%T M,$\B7K"":IGD;_L2^QLU>:R7Y4ODR/K(#4;>S!DELF MK)Q+>2KGDIB"U<7QUE]/"O;;+>>2Q.MOMYQ+EU;.1;?*N;2LH9US4H,B*7V7 MGR1[?"FU]&4FKUCZ;N4YG+*32?I$.2/*``@XWW`=#I(]T^2>5;'/P6DR*ZF4 M=2558>Y%8B45+;*N)%126;D/J=JGDLK*5E+1VJ5$&W79M.%"_E1)M5[&V8)` M!U_/,OY42?54226EDDJ2:#]54M4RQ8RB<-.?J)**#C(65[:P/5MI+_Y9\DVQ M(I.OT$:3;8H],OEV/_TV;?^IE(F7,H'J>2IE>BIE>BIE>BIE^F9*F6B)BOCJ M2YGVXOM74LI4YBU^U:5,^Q^A]C65,EE%I4S_?#=X\^^7_]_>M7ZW;6/Y?M9? M@>UNS[IG:I4/\"&=:<\XLKW-F<;IY'%V9IH<#271B3:RY(IRVNR'_=L7%^`# M)`$2X$.V$R*.;!'@Q<7[7MP?+JXNG_>#9R(UL/_4G=>VU)-,][B$&*YQ;[`$ M45=<;Z]W\^4FB,$CG8Q_'CA2V3K-@!1WVQ49^8N[Z^MP/T66U0Y1DZ^4.`O% M6M%'O:3N>%:[FY9U4_9FD];/FI('/$;LL$1=J_&+\>OQJ/!L_)W^=CL_)[V?C ML_'3\95T%Z%1#[&7_`Q!>J+5(1Z5*QSX[`+9,JH=4KYN,9*B8*-0%$3^=Z(P M",I#2!-IZ..9QLK.-D8Q\G M&WR<;)RWK;8&;(N(H*%!%&G86S\GTBC`9+PPX6UT0\71F^ M;3D#*%8=%#NQ!E`L3W@`Q:+[`<5ZC]DM7F][4DG(:U![>B#E\,C@&FZJNS/%Q=KFHH7MS8!QGJ\6YD4)9%A$0YR M+(*K@\9P>+\V0F"L9?$,O.'`$%^W8B!&8YAGV:>!>08X]W_&1;D&*M`8:@R( M_-I<<`PXE`&'MI!#.<,VST"\N=.<@=BO#;[,?].&`0\8R...%((X`TB56NP!(E_AK!)!V^P9(N\<& M2)U,4"Z*>%:8U1#PO4`Z8:$ZXU1*H3;`*15Z#<%2#>E MK6*,:EHO`F-4)R-&"R#=E'E5@'33BEE")!N2+B7/2DM@'0#O4X9(-V4=D][4C*`=&][4A4`Z:;L MJP*DFU9]5[M2C0#2#0G7`Z1+]I,C`J15P31'`4CW#*>IJ/PCPVFJ,;OW@J?I MA$X=0/I>P#1=578=0/I1(6I4`-+J:`QE@'2*DK@O@+23,C``I`>`]`"0'@#2 M&4!:)A]T`9"6(5*T`=*3'$"Z0CE0`$@GDM(`D&X/D*9@9*LM]',`2`\`Z0<' MD.ZF:P\`:3V`M&R_[3$!I'F1W.$8,$NR&!7'OONL`=)MQ;$O#QZ-!WCT`(\> MX-&=FJ(&>/3]PJ.[LH?+:/]N.#1A@P>/?OY^,>Q+45U_OJ`'\6W)W6`>V;BQ;ASHP=5NR<:5MZC8-SM:-*^3! MVG4)*[CJ.[0"Y2Q+:+^7F]8K]DH;F MD^5F%X7W:3[Y_#;^$[F?IDU--C136MLGL56D^'Q*,YI6%*6RKBB-M##PD.B* MM,9HS$JU7/JR!S<9V4Z[R>C^50I]C4)IA.JOP:"'=[4$$UKQ"FR+5C#3Z'(! M]F59=+``.S+:^@NPR2W`$]$B!&15^CPI+]_G`TNWT]>NP-6JJEULM>GE.RA-ALP5"5`5^T;.1:R+W''F6RE;/FRBXV0LW M>,3"CZKZMSTPT^_?*U5`R*,G%3"I-4I[>Z#F#T+_)KB=QT;IU3JZW45K$-I. M;$RE6W'L%#T+;F^)HE..0B8Z[)!,M,*E[+<'J@O%:B&F;<\_FZ+GY$\H+%6J M6.O4-(Z,NFN4J?]UN_L]AH$!:;1CN81IV2T5#0;ON M6=6P/TM5P[)CN;<+5<-F0H_I#9I&@Z,M>BI&)W0&]>*1JA?=$.I2M>B&T.>M M5MA6K!;ZQN>A6>0)==7!K:XZN-55![>ZZN!65QWC)J\^^:RDM'7;ON5+ZF`B,_E:^IP%2=RM=480#Z9,;0 M)R%>0&-5]F7S:7>G\I]08*?6J?P:!@J@47&;G[R]#XY\RU*K1 MCH$$-&J6L*$FX#0,`&CU[@BXNXTPM&UK! M]9`_0>ALEN<,(^<TB=!F=4.?!*4^6OBDZ#6RJ$#3:RP,#2%)N8M&&JFD]8>"2!3SA_!I)T_ M`JX&.O1'4$NU=*0KM&Q#X8AH8\)U1T2;$LX=$5UT2#AW1+0QQ_FSA#'+:D=$ ME>CGSQ+&G.>.B$KUZT:T%8Z(-JX7P1'1"D6SYFC\8KV%(?G;"7:]9*;+14S1 MBBPHJ]3T.T8DI7S.4,[.C3]A#\`>@#*>/Z/?.:[YGKZV`9-E\. M2_?9,=Y!*J1S4EEY6:Y0L$#AM4#9"):-&9%U,3+W1!3A4]/\VK5HXR/6(FA= M*]"Z_`"%"V0NT9)I2=().Q%!)S+IV/]*_SZGNP71J^3?4J^G\F>DE>?[/6KW^>K/UB1^H\.S65\ M604EU\N)G.>4,&%VR@LWLIT,_:G>Y2N&C*F[S2'J1O?)N(=U*B9=L4PU MKG5&FCYHM\3*,P@BHJC69J!=^Y;1ZQ)!F7\(2P1E1'.)N%>]7=&U4V/"W>OM M`M=.S6>A!JZ=&G0-+==.#0:PR+43;K1;U,*U4^-ZT=/;HUZ]`;E";T#*IGGK M"-Z`^C;.5[3MD8WS#*&&A=?RW(]QOA,Z-=Z`[LES6^?QI)<4S MW_7>@&8E;T"8]W:>&EPSH]YY1X9=L?TVYLDHVIY3>RYP0D7R=H9=0MY-SFR1 M3_+#,5"V^()IFZD`79BVDQN0$ILM;V/-&5EY&RL"6V[FCNA/XY]$#)C*AEW> M9JMF8_V7S-\[Y-H`Z6>)AV4M,2'2S\I<$EE"*T&Y9EHA_80KD]D)TL\7BI!F M$Z2?S2/]Q%*8J8KTZ_W^G6I6>D+Z5>6I(TRHTP%A(D;5M:14+4RHTU%`^JD3 MJT;ZJ=.IEB?4Z50C_=3I5"/]U.E4RQ+J=*IE"8WN6(?TTR#57=>N1?IID*I& M^FD0JD/Z:9!20OI5TLL)A)YP[,IH`[5^D2 MH'A@=P*X*[':!>"NQ%\CP)W9-^#./"[@KE35]P^XRVJ@RXW[.JJ-`7=-"==N MW#!!OW0@2<[HC1N0"H,?/E M&QFD>Q@M\5#M*EY$.W\!D-@;I=GR`B"9GQ7A"L/15;W^!^AGM_\0Z5)P_<_+ MLV=="R?KD#0LWXCN6RWX?+0>#86SA2'_1SJ`Q:[:IR5V03" ML$S&Q=UV'1WV5D>\9_P3NG/`OB3P#@A!]YFL=DN4=E\Y_J5M24@5=5`25M4G MEFF7I>=ZV[[`3Q:S0VNXH17DHO'*-QVQ3EX@J^W MN\UZ^8EZ.38MFEOB7XI&(!+QJ_F6,V!PQ['R]H/DY\R&*^QMC&RWI*UAV68@ M5E)7'9QEJQ9>5>R=5]7/->#OLOHY,3'=0;[=G(JH9(QGS/H;,I M^1LN.3O<18E3[I?AX4#]NK&Z8I$_``0"1/^*?>A"OM0C',F4+A5478LG[1/3 ML=@^.43%#Z=PL+Z&N+K('J\3^[IUH@5`$BJ.5"N*7A$B;*M+T$%#65 M=E#^)[#1,NF??(?J9@J+V6%=077:5^T*KK`KR,94FTL#$ZE%F>^8\I'N#.Q` M.17?&:BOE*D"RYH2[EX_5;PSL"GA/O13/6"9OKJA?&=@8]K]Z*=28%EO^JG\ MSD`M]K\:PH,/F]V[,6G_7O,P#4+HJVCY_F8='@)9NOUN=S@&/T<.9'JA^R34ZA`> MB/Y'%F9$>@5%;:`?$,-#%!-!`MA@)@F^OXOVWV]V9'[ZG@@4B^#[CP%\?S?^ MYD;PXN^[_8=W^]W=+7GSQ>M7L^B5(N]K=!.LMY+7;1B3]IS"2 MIX(MJOV.R#9[:4I*"$7+_?KV0!*Q/Z(WW]R,%\%!FOXV.+PGJ:7QJ_WZ(]3# M/Z?2).]W-]3=[YO]W6&YV[_YYK4@Z6U\A2B9Z:-06H;H_6Y_4$Q+(Z-P"QZO M*8O;G6!*-XSOD/66O4;:+5B1OVY`/]L1T8_"@$XLTZ'&E5^8&0YRB:/0U[]N MPP,MY=NO185BE5?J(\E+HAX"P*Q@L8D9+B=X![M\:/=!%D_R^0!/)-&W=PNB MR/55&]#4D;`J%OO=[U%<+G%[U14,;(YHM]U\DB4(/@;K#9>%N'BVH'B;VSE\ M.[&P3['FMS?SV.9Z\BUBN#:B-/Q#EV:P6LW7M\L3$S-]CGP'CI_^,D/0?]=+ MD?40Z'EB>O%+1/%>@(W680U1C)B2R>!NL]K^YP'![@<9+40H"?050(KM;Z'[)OA3[1JN`8?@+3Z>) M'W?2:7>W"R+ZHM?GOR"&2A1>%\FRXK91*$7VPIRP;=LNY1N.7:+H;KD,PU5( MS;6W,'$(+Z-28=]S"NPCRC[8UW\`"_MWZ-UFMP@VR3LT-[)ZF(Y(2N6SY&S[ MY&O:[3R'YDC:[H8:L4F<4GV0^6XUWVV)3!I0:*>%F;4=G@.A`+&(!"Y)[P$@ MHKQ'`<+FMVE5$24?TE!5Y/R_7IP]DV0?[VH=UC1HJMB&[#Y3K8G+!-0;)^+=:["*5;-&`D,7^X MNGC][.SJ*MNX@L=6\?%#4HR()C8#\3^7^3/ZW#2^6_TV#S+1F*O]; MC@'ROXNM!R;_`]0G.@9#QPT*TG]#V5]=\E>1^U6E?CV9OUKBKY7WE:5]%5E? M7=)7D?/E`ER=M$0EV!%X`[HE\S&1*0A5LN+`;:3+S3K<'A#U%`21)"O?,48@ MH\U9W#QY;XK@*?"9/(&DX]$9DP"7[X-]!-.\0SX6'CK9G/YX1\B]VM^%WZ*3 MN],?-\FWXBN!`:\X.J_X-KSBZKRR=.%#BS$?PT>H]0KDXE_KO#(QX+#[GHE64"K]A:KP"&;J75+@%4\DJKP_A+>$6OPRS@ M%5_GE15T_I6I51;HEH'6>)G`J`RU*CF`U@^U6G\"HS+4:OT0RA+JE05>F4RT M7H%VF:RT7H$A%BZT:HP67X\QF"["0*N/T>E"ZY40>G*H5?R0%E^K)T^6]-!: M\L9EL(FX5]A7>(SS.]9HIBN?S/AO%CJN\0%HE"F,18).;$H*JA\2TZ12]G/SU[ M>O'J#/V:$V'>CL@RO=M\#&.PU-GA$-[<4F*;F_>[Z!"!@O^!R#X`3*;HX3B' M$;6.QHFF:!;`.DSO"$M>I*)62=`"/2Y.,487^STA^WL0H:L=*/WOV4ODV6J] M)X7:[3_)&00:4NYFN5KAZCXX)%KR9)0[2FE_!T[_RH_BPY5$ZWH),D0$.V=$ M6(I!>Z.R%FL4B9B@[PJ>)</20*,G?R,#MWF)TZY%T8 M<&<.D^.#+$%R>#`Y.LB>LF.#Z:%!;\2=_V,W!G^;/C+9I<3T5EO;`H`Y=S2/ MOU64.VE7N+^#.S;'W8,F.`3'G6<3489K3$V'W5KF8#[&)TS2Y-FC"7F$G0D] M%65/^,1P&HP5AWM6OJ.'/Z9E&K!FN2@HMX$GC():>5+8%7=Z/N[R?Z_)V+UT>],-RI[?Y/B_HE6:Y5UKY1]`P M@!UGA\LU[%(Q9(X_8<2_6`W0: M.EXJRHT,/EG+C^(F=CU!"^/):'^[3#6N>`N*-O9F??KC]6I*6V"*WOR(-E%` M9EBR`(R6-PP(2+\2O>YZ-T5LSWOZYDTRX0L3Y0@76(7]L/*CF/N)(^`>;JU\ M`IKFBU]FZ)?U;?BK9QC^6\Y3&F"2:(JS1738!\L#>DG]94YCB*+0I<<&=3P8(`9V1(P[NK,(D-D\=T*W#*:)Q&X97#@)^)8# M4(+3^Q)WEA9W0C`4=8(+:<2QU+%A0F:!#:/LE[`J::E$'E#S?#5T8+HHTBFZ13-2)BR1`U$)$]K.W:J9L,0M3V%P\):_ M-(,2C(V+R,/0LHB"7_$LHN`7G'M#A.+BWBMZY=7=+=Y>P-+]-I2C!.E99JB7/$JG6 ML412@X5'J5^Z)H-9(M=J#6>C9CAGCL>JAW/Q4X@J4.O[CQS=>=BJSM?6>V<7KT(Z1E-(A=]"%=TG\5`BT^',*(+&#/$ MDV5ZBO8@')S^F'V"SP$B1;F^9'%/?B,F'4Q\TQ"N\7%$>8UG$04?I%E$`>K- MO2%;X^/WBAX\LRCA&L^BI&L\5T4GP34UD.7K`=[\MJKZ\I("9+\)K^G!!$*) M.6,`T(4@+10%9%5TO=Y'!P2G\CU[5$$*>92_QKYRED[K'SS\O>K1.ZEM@]=?[UHGOI?&S9 M.W0QONC<.**BU-G$;D5A1I[RVF^KA MW$4H)5*0@M*A>[AD#KF#HS05KP"PY_80KOYM]//+,WH:$OU"#[&-P!4_]50! MQ[1(P@-I2JB6J-D_<0IY+='O9QS0C5N>A3=`AO MTI/$SC)3V?R$<))?4"\!1(B2ZHK`(6.3.A(1K"5Q1'DM81$%MQA9 MA&`MB=^0K27Q>_E#.TLN2KB6L"C!6F))IF3PR1#_YFF7W2I@GG[1*T(6E7=J M8+BC7*/0+X2[)7M"B"IIL;$`^_"T6)<^LV>/7HLM%Z1'+385OCMQGI8*W\G; M!J_.P3K&B_'L!\YN_SD1X_\CI2308G,\F25_:JE"\$8L?(M^Y!&%\^3C1(LM M\*00&)F2K@D.P03/$OT3&\)=ZT3_-!ZN_HEI_[/E=I7V^FE0`GU&7?$ZJ\GB/C@E"Z!`:)F&A: MX"&WNN/:33=-6FN,6%5CQ`+G6UR$0&/$)>=7%A%Y[,D,<2B:LRK2&)(BK%=AIOY\E"LYA@`&AM"U+58 MK*W%,G83>7Q?$/3CV+@R$G;J]W.67F-V:Q+"DK]*G([E4J0&::Z:``C!B83^=+4LFL M$':U<._EA'LKK!'NK5`JW!.![=$*]Z3<692><&^W%.Y-MY%P[XURC5(0[@E1 M)>'>LAZH<(_IVFY=/'KAOER0'H5[Q^E#N+[K7.\US[)/`_.4..., M<5'FJ5HUO>`H.9029:HIOLQ>LYBG;8RRB)SS;7`_ M_IR0.!V?PQ_@8>]I9F#EO6CG2V=FW[,*I%ZT"Z5S@9*#3"=+Y_OHW$=/P"&X M@YY<(OL,7+B1@6XYR+?1>;Z>IN/Q-Y22!Y3RLXM"B,=X:QW&E(HR?9B]K,[- M7EYSLY?=A1*3U)^R%L,8+8E&#F\1%&LQ<3G*6DQBSVFDQ9@E^4E;C>%4`,8+ M]=DY9^XNB>)K&LEY'C4#21K.IV89KFJ6EBV_)MQX,]A/G?7E^\^,?3J\OGOSS_^>GL M'^AD$WX,-\C^=AJ?*Y[F3O>@Y+0QR7FJG,MCWJEPAIV*_-K>\4X%'G8JAIV* M+V>G@M=A'LI.A5.KR0P[%9_E3D7:&5OO5#@II6&G8MBI^')W*O"P4_%`=BJ< M8:=BV*G(TQMV*C[#G0JGVYV*V687A1GR^S;$'C`,#]4#'.V;Y!V MDH889J-,J;KC-J/T&##,YE*"8:81(@PS1`@QS!`AQ##3-^089OJ>&,,,41(, M,T0)U^;[P#!3/N489LJK&,/,BB'`,$/$_6&8"S)K)8`9.!7(K)H_7+%+"D%A MPL9EWTDX]9V$1;Z3;$?HH8GI]ZF[?XGY\9SI!L]"OGT M?*JHI<1$9YDCY@Z(1K'S*G!13!UOH]-WZ/1NQ'241.DU/9L15:2:7#I".M=' M9&9?3;0.D).C3013TI0I\='+LV?H@C`3[HF"@5X#2Z/+_>XF]2&)7I%F2-UH MM:^!*^J;&9J<]/;].HRF],[4N3&ELV&P).LJF579-X@PIZ(>-BG[CYND[N,F M(N]Q0N]O6\N,];C)YDZ=`3?7"Y'Z>'YYIKELQA\76^X@@V^N MJG!\WUR&+S']TPB1Z1\BA+ZY($)H^J=OR$W_]#VQ;RZ(DIC^(4JZQG^IOKE8 M:\I\8""B+?7/"\A6\N>%WNFPMBJWQSL?B&OKG@Y2Y\GCU[P7OY*CGWCG$0'X/-73BUC`2.'CL03ZS9`;?^2".XG]/=$HK>>\3P9HH@*,YXSRSX9@!YAM9L@6_IK/,* MK-EG-N#";8R0[5+D>TGQ3`A@Y+XJ#@/-<&1K-I99L[',FHUEUFPLLV;C:FLV MEENSL=R:C24K_;U8LW&U-1O+K=E89LW&]V#-3D3R?5XDSZN)B4$[3@+?>=LV M%MJV15LU(&K9:$E'5F%@<970,=@U4UZ8Z72,J+54Z67T@J2T81&`>HJU&NJ\ MC*%ARYH-%UF%9Q55I13:VJ0J&;%]N@%@Q]#K?,NF<'$>Y9V9VV1H<4ID62!2 M0HK'#IHK4.*%G`0(\?@,<04Z/)]"A`S/IQ"APO,I1(CP?`H1&CR?0H0$C^M# M%P6N<5X:UP&5L1RH;#]BH#)N#E263_QJBJ+=#*C,GY?&):"R70-43A1%YZ&> MERYK4H]4410\[='`V>/P%K*Z+&UFL2$O,68(BI]D.! MQ&5=,!]?I0XJJ8%-RA>K@>%O:3*3;D@/2HW;B_*C*@%SZ2?R&*I4 M;OC;;<2"FJIR(Y,1+R_AQZA6;C2#0!VQ!>J(G:DC1&]8;@H`IB5)OB;#%9%Q MM=N/T07\0K\'$9D!5B'2/FH$IXK(FLA60[H2$GDA6&_"%?0->ACGM[OU833Z M:@A#&,(0AC"$(0QA"$,8PA"&,(0A#&$(0QC"$(8PA"$,80A#&,(0AC"$(0QA 5"$,8PA"&,(0AW'?X?Z_'PB\`6`(` ` end From lkcl at switchboard.net Mon Oct 26 21:13:26 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:38 2003 Subject: WARNING: domain parameters about to disappear! Message-ID: the following parameters are going to disappear fairly soon: - domain admin users - domain guest users - domain groups - domain admin group - domain guest group etc. why? because they will be replaced with: - map groupname - map aliasname these two files will have the following (identical) format: unixgroup Well-known NT Group unixgroup NT_GROUP_NAME example for the groupname map: adm Domain Admins users Domain Users example for the aliasname map: wheel Administrators users Users admins would be expected to use the "map username" functionality, which already exists. later i would like to extend the functionality of these three "map" systems to include DOMAIN_NAME\username, bu t not for now... luke From bsc at klondike.ml.org Mon Oct 26 21:32:13 1998 From: bsc at klondike.ml.org (bsc@klondike.ml.org) Date: Tue Dec 2 02:24:38 2003 Subject: Current CVS code makes NT4SP3 crash at logon In-Reply-To: <712lh6$b58$1@zeus.ven.ra.rockwell.com>; from peloy@ven.ra.rockwell.com on Tue, Oct 27, 1998 at 07:39:30AM +1100 References: <712lh6$b58$1@zeus.ven.ra.rockwell.com> Message-ID: <19981026133213.B15780@klondike.ml.org> I just picked up the code about 30 minutes ago and do not have this problem. I hope this helps. Blair. On Tue, Oct 27, 1998 at 07:39:30AM +1100, peloy@ven.ra.rockwell.com wrote: > Hi, > > just wanted to let you know that the current CVS code (checked out > about 10 minutes ago) makes Windows NT Workstation 4 with SP3 crash > while logging into the Samba PDC. > > I get the Blue Screen of Death and then must restart the workstation. > Going back to an old version of Samba (Oct. 21, I think) brings > everything back to normal. > > peloy.- -- --- end --- Blair Craft bsc@chss.schdist57.bc.ca http://www.klondike.ml.org/~bsc From jallison at cthulhu.engr.sgi.com Tue Oct 27 00:51:57 1998 From: jallison at cthulhu.engr.sgi.com (Jeremy Allison) Date: Tue Dec 2 02:24:38 2003 Subject: WARNING: domain parameters about to disappear! References: Message-ID: <3635192D.EA498BF1@engr.sgi.com> Luke Kenneth Casson Leighton wrote: > > > these two files will have the following (identical) format: > > unixgroup Well-known NT Group > unixgroup NT_GROUP_NAME > > example for the groupname map: > adm Domain Admins > users Domain Users > Luke, Can you call to discuss this, as I now understand the need for these changed parameters, but I don't like the name you've given them too much. Essentially we only need what you are calling a "groupname map" for a Samba server as PDC, whereas we will need what you are calling an "aliasname map" for any Samba server in a domain. I'd like to call these "groupname map" and "local group map" instead - as this makes more sense to local UNIX admins. Cheers, Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From canfield at uindy.edu Tue Oct 27 03:31:01 1998 From: canfield at uindy.edu (Dana Canfield) Date: Tue Dec 2 02:24:38 2003 Subject: Odd problem with alpha9 Message-ID: Here's an interesting problem, that I would be most grateful for some help with... We recently upgraded from a homebrew P233 box to a VAResearch PII 400 box, both running RHL 5.1 with Intel EEPro 10/100 cards. When I moved to the 400 Mhz box, I installed the 2.0.0-alpha9 RPM that I had been using from the old box to the new one, and I then copied the MACHINE.SID file and the /etc/smbpasswd file over. What happens now is that the Samba PDC will run for about an hour or so, and then it will seem to hang. Clients will no longer connect to the box (connections timeout), and existing connections sometimes talk about semaphores expiring, but just generally quit working. The smbd continues to fork, though (as though it is receiving requests), until it blows the machine to oblivion. If samba is stopped and started (before crashing the machine), that isn't sufficient to make it work again. Instead you have to stop and re-start the network, then restart samba. Then the whole process repeats. I tried upgrading to alpha12, but neither box will operate properly with that version, and 13 doesn't compile cleanly. The new machine runs fine for everything else (including netatalk, which I figure is as strange as anything for network protocols). Does anyone have any idea what might be causing this? I'm particularly confused because I'm running the same OS, same samba binary, and same ethernet hardware on both machines. For now, I'm just using NFS and letting the old box do NT_DOM stuff, but I'd appreciate any thoughts on why this could be happening. Thanks! Dana From peloy at ven.ra.rockwell.com Tue Oct 27 13:39:08 1998 From: peloy at ven.ra.rockwell.com (peloy@ven.ra.rockwell.com) Date: Tue Dec 2 02:24:38 2003 Subject: Current CVS code makes NT4SP3 crash at logon References: <712lh6$b58$1@zeus.ven.ra.rockwell.com> <19981026133213.B15780@klondike.ml.org> Message-ID: <714ids$t6o$1@zeus.ven.ra.rockwell.com> Uhhmmm, I cvs update'd again this morning and my NT workstation is still crashing at login. I am clueless... peloy.- bsc@klondike.ml.org wrote: > > I just picked up the code about 30 minutes ago and do not have this problem. I > hope this helps. > > Blair. > > On Tue, Oct 27, 1998 at 07:39:30AM +1100, peloy@ven.ra.rockwell.com wrote: >> Hi, >> >> just wanted to let you know that the current CVS code (checked out >> about 10 minutes ago) makes Windows NT Workstation 4 with SP3 crash >> while logging into the Samba PDC. >> >> I get the Blue Screen of Death and then must restart the workstation. >> Going back to an old version of Samba (Oct. 21, I think) brings >> everything back to normal. >> >> peloy.- > > -- > --- end --- > Blair Craft > bsc@chss.schdist57.bc.ca > http://www.klondike.ml.org/~bsc > -- -- Eloy A. Paris Information Technology Department Rockwell Automation Venezuela Telephone: +58-2-9432311 Fax: +58-2-9431645 From lkcl at switchboard.net Tue Oct 27 15:18:23 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:38 2003 Subject: stricter UNICODE string checks Message-ID: ... appear to be popping up in NT. this _may_ solve some of the problems seen on the lists. please could people with USRMGR problems checkout the latest version and try it? From mathewss at nutech.com Tue Oct 27 17:38:51 1998 From: mathewss at nutech.com (Sean Mathews) Date: Tue Dec 2 02:24:38 2003 Subject: WARNING: domain parameters about to disappear! In-Reply-To: Message-ID: I just got a chill up my back :c) where do i send the party supplies when this is all working ? On Tue, 27 Oct 1998, Luke Kenneth Casson Leighton wrote: > the following parameters are going to disappear fairly soon: > > - domain admin users > - domain guest users > - domain groups > - domain admin group > - domain guest group > > etc. > > why? because they will be replaced with: > > - map groupname > - map aliasname > > these two files will have the following (identical) format: > > unixgroup Well-known NT Group > unixgroup NT_GROUP_NAME > > example for the groupname map: > adm Domain Admins > users Domain Users > > > example for the aliasname map: > wheel Administrators > users Users > > > admins would be expected to use the "map username" functionality, which > already exists. > > > later i would like to extend the functionality of these three "map" > systems to include DOMAIN_NAME\username, bu t not for now... > > luke > > > > > From cartegw at Eng.Auburn.EDU Tue Oct 27 21:38:43 1998 From: cartegw at Eng.Auburn.EDU (Gerald W. Carter) Date: Tue Dec 2 02:24:38 2003 Subject: WARNING: domain parameters about to disappear! References: Message-ID: <36363D63.7463C129@eng.auburn.edu> Just to make sure I'm on the same page (and possibly for others)... Luke Kenneth Casson Leighton wrote: > > example for the groupname map: > adm Domain Admins > users Domain Users The groupname map is needed in order to support domain groups which are normally defined by the NT PDC administrator. > example for the aliasname map: > wheel Administrators > users Users The local mapping is needed to that a samba box working in security=domain mode can have local groups which are not affected by nor defined in the domain. > admins would be expected to use the "map username" > functionality, which already exists. Not sure what you mean by this? Is the username map going to change? > later i would like to extend the functionality of these three "map" > systems to include DOMAIN_NAME\username, bu t not for now... In order to support trust relationships? Would you map groups in the same way? BTW...I would agree with Jeremy. Could we call these soemthing like domain group map local group map ? j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From drobbins at obgyn.unm.edu Tue Oct 27 22:03:02 1998 From: drobbins at obgyn.unm.edu (Daniel Robbins) Date: Tue Dec 2 02:24:38 2003 Subject: NT4 Browsing Weirdness with picture Message-ID: <36364316.BAD73E9F@obgyn.unm.edu> Hi, At about 2:45 MST 10/27/98, I got the latest build and compiled it, and I'm getting mangled share listings from the NT side, looking at the Samba server. This is happening under NT4 service pack 3 and 4. There's a GIF attached to this message so you can see what I'm talking about. Also, it seems to be mangled in different ways depending on the machine I use. But this picture is pretty typical (taken from a machine with SP4 on it). Regards, -- Daniel Robbins System Administrator University of New Mexico drobbins@obgyn.unm.edu -------------- next part -------------- A non-text attachment was scrubbed... Name: sp4.gif Type: image/gif Size: 15726 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/19981027/71af8029/sp4.gif From william at hae.com Tue Oct 27 22:38:09 1998 From: william at hae.com (William Stuart) Date: Tue Dec 2 02:24:38 2003 Subject: Windows 2000 Message-ID: In case anyone is intrested, Microsoft has renamed NT 5.0 to Windows 2000 and it will come out in four flavors: Windows 2000 Professional -> replaces Win98 Windows 2000 Server -> replaces NT workstation Windows 2000 Advanced Server -> replaces NT server Windows 2000 Datacenter Server -> replaces NT server http://microsoft.com/windows/dailynews/102898.htm So, instead of SAMBA beating NT50 in support of ActiveDirectory, SAMBA will beat Win2k. Win2k <--- you saw it here first. --- William Stuart (william@hae.com) "Don't rush me sonny. You rush a miracle man you get rotten miracles." --Miracle Max, "The Princess Bride" From thwartedefforts at wonky.org Wed Oct 28 02:44:33 1998 From: thwartedefforts at wonky.org (thwartedefforts@wonky.org) Date: Tue Dec 2 02:24:38 2003 Subject: FIX: NT sending null username effects %U expansion Message-ID: <19981028024433.21153.cpmta@fillmore.criticalpath.net> On Mon, 26 October 1998, Luke Kenneth Casson Leighton wrote: > hi, yes it does make a difference. docs are being updated this week. the > only "proper" fix is to deny all anynomous connections, causing clients to > send username / password instead. > > this will break things, unfortunately. it was the original "NT 3.1" and > "NT 3.5" model, which microsoft deliberately brok in " NT 4.0". > > luke I understand that. But this doesn't explain the explict copy of user to sesssetup_user because that second if will _always_ succeed. I propose the following patch to that second if in smbd/reply.c (against cvs 981026): *** smbd/reply.c.orig Tue Oct 27 09:28:39 1998 --- smbd/reply.c Tue Oct 27 09:28:55 1998 *************** *** 597,603 **** * working. */ ! if((lp_security() != SEC_SHARE) || *user) pstrcpy(sesssetup_user,user); reload_services(True); --- 597,603 ---- * working. */ ! if(((lp_security() != SEC_SHARE) || *user) && !guest) pstrcpy(sesssetup_user,user); reload_services(True); This change will make sesssetup_user be the same as user _only_ if samba is not implictly forcing guest access when the client passes a null username/password. I've tested this and am unable to reproduce the effect I originally described. This also makes non-null sessions override each other thereby changing what %U expands to and reading a different configuration file if a different username is used -- I believe this is wanted effect. But, I still don't know how that is going to change the intended effect on share level security (although, I suspect not at all, seeing as how usernames are useless in share level security, and thus the value of %U is useless -- correct?). If this doesn't fall under "proper" fix, or even close to it, can someone please explain why? Dave Andruczyk, could you try this out and see if it fixes your problem? Rereading your description makes me think it might, but I'm unable to figure out exactly where your problem lies -- it maybe outside the scope of implict guest access. References: Original description of problem: http://samba.anu.edu.au/listproc/samba-ntdom/2264.html Note of always true condition in smbd/reply.c http://samba.anu.edu.au/listproc/samba-ntdom/2289.html Dave's related(?) problem: http://samba.anu.edu.au/listproc/samba-ntdom/2272.html Andy. thwartedefforts@wonky.org From drobbins at obgyn.unm.edu Wed Oct 28 06:09:25 1998 From: drobbins at obgyn.unm.edu (Daniel Robbins) Date: Tue Dec 2 02:24:38 2003 Subject: NT4 Browsing Weirdness with picture Message-ID: <3636B515.507EC03A@obgyn.unm.edu> Hi, At about 2:45 MST 10/27/98, I got the latest build and compiled it, and I'm getting mangled share listings from the NT side, looking at the Samba server. This is happening under NT4 service pack 3 and 4. There's a GIF of this phenomenon at http://obgyn.unm.edu/~drobbins/sp4.gif -- Please take a look at it. Also, it seems to be mangled in different ways depending on the machine I use. But this picture is pretty typical (taken from a machine with SP4 on it). Regards, -- Daniel Robbins System Administrator University of New Mexico drobbins@obgyn.unm.edu -------------- next part -------------- A non-text attachment was scrubbed... Name: sp4.gif Type: image/gif Size: 15726 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/19981027/9d5f5c2e/sp4.gif From drobbins at obgyn.unm.edu Wed Oct 28 06:11:24 1998 From: drobbins at obgyn.unm.edu (Daniel Robbins) Date: Tue Dec 2 02:24:38 2003 Subject: NT4 Browsing Weirdness with picture Message-ID: <3636B58C.4F5B844C@obgyn.unm.edu> Hi, First, sorry about the blank messages! At about 2:45 MST 10/27/98, I got the latest build and compiled it, and I'm getting mangled share listings from the NT side, looking at the Samba server. This is happening under NT4 service pack 3 and 4. There's a GIF of this phenomenon at http://obgyn.unm.edu/~drobbins/sp4.gif -- Please take a look at it. Also, it seems to be mangled in different ways depending on the machine I use. But this picture is pretty typical (taken from a machine with SP4 on it). Regards, -- Daniel Robbins System Administrator University of New Mexico drobbins@obgyn.unm.edu From lkcl at switchboard.net Wed Oct 28 12:16:33 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:38 2003 Subject: NT4 Browsing Weirdness with picture In-Reply-To: <3636B58C.4F5B844C@obgyn.unm.edu> Message-ID: diff -u -w -b -B -r1.12 parse_misc.c --- parse_misc.c 1998/10/27 15:03:47 1.12 +++ parse_misc.c 1998/10/28 12:07:05 @@ -475,6 +475,8 @@ ********************************************************************/ void make_unistr2(UNISTR2 *str, char *buf, int len) { + ZERO_STRUCTP(str); + /* set up string lengths. */ str->uni_max_len = len; str->undoc = 0; On Wed, 28 Oct 1998, Daniel Robbins wrote: > Hi, > > First, sorry about the blank messages! > > At about 2:45 MST 10/27/98, I got the latest build and compiled it, and I'm > getting mangled share listings from the NT side, looking at the Samba server. > This is happening under NT4 service pack 3 and 4. There's a GIF of this > phenomenon at http://obgyn.unm.edu/~drobbins/sp4.gif -- Please take a look at > it. Also, it seems to be mangled in different ways depending on the machine I > use. But this picture is pretty typical (taken from a machine with SP4 on it). > > Regards, > > -- > Daniel Robbins > System Administrator > University of New Mexico > drobbins@obgyn.unm.edu > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From greg at discreet.com Wed Oct 28 13:16:06 1998 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:24:38 2003 Subject: cvs oct-28 8:14 DST does not compile Message-ID: Hi, on IRIX 6.2 this morning I get: Compiling smbd/server.c cfe: Error: include/proto.h, line 89: Syntax Error char *dbg_token2string( dbg_Token tok ); ----------------------------------^ cfe: Warning 625: include/proto.h, line 89: Empty declaration char *dbg_token2string( dbg_Token tok ); ---------------------------------------^ *** Error code 1 (bu21) This is a completely new fetch of the tree so I'm guessing someone forgot to declare dbg_Token. Thanks, Greg --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet logic Montreal (514) 954-7171 greg@discreet.com From dave at www.buffalostate.edu Wed Oct 28 14:24:58 1998 From: dave at www.buffalostate.edu (Dave J. Andruczyk) Date: Tue Dec 2 02:24:38 2003 Subject: Broken tree Message-ID: the CVS tree as of 9:23 AM (Eastern Std Time) won't compile, with the following errors: Using LIBS = -lreadline -ldl -lcrypt -lpam Compiling smbd/server.c In file included from include/includes.h:502, from smbd/server.c:22: include/proto.h:89: parse error before `tok' smbd/server.c:497: conflicting types for `main' include/proto.h:91: previous declaration of `main' make: *** [smbd/server.o] Error 1 Dave From lkcl at switchboard.net Wed Oct 28 14:34:37 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:38 2003 Subject: Broken tree In-Reply-To: Message-ID: >From lkcl@steeleye.iss.net Wed Oct 28 14:34:08 1998 Date: Wed, 28 Oct 1998 10:36:24 -0500 From: Luke Kenneth Casson Leighton To: lkcl@switchboard.net Index: lib/debugparse.c =================================================================== RCS file: /data/cvs/samba/source/lib/debugparse.c,v retrieving revision 1.1 diff -u -w -b -B -r1.1 debugparse.c --- debugparse.c 1998/10/26 23:21:37 1.1 +++ debugparse.c 1998/10/28 14:33:08 @@ -60,7 +60,7 @@ * Functions... */ -char *dbg_token2string( dbg_Token tok ) +static char *dbg_token2string( dbg_Token tok ) /* ------------------------------------------------------------------------ ** * Given a token, return a string describing the token. * On Thu, 29 Oct 1998, Dave J. Andruczyk wrote: > > the CVS tree as of 9:23 AM (Eastern Std Time) won't compile, with the > following errors: > > > > Using LIBS = -lreadline -ldl -lcrypt -lpam > Compiling smbd/server.c > In file included from include/includes.h:502, > from smbd/server.c:22: > include/proto.h:89: parse error before `tok' > smbd/server.c:497: conflicting types for `main' > include/proto.h:91: previous declaration of `main' > make: *** [smbd/server.o] Error 1 > > > Dave > > > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From lkcl at switchboard.net Wed Oct 28 14:35:10 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:38 2003 Subject: Broken tree In-Reply-To: Message-ID: *oh* - after you apply that patch, do a "make proto". On Thu, 29 Oct 1998, Dave J. Andruczyk wrote: > > the CVS tree as of 9:23 AM (Eastern Std Time) won't compile, with the > following errors: > > > > Using LIBS = -lreadline -ldl -lcrypt -lpam > Compiling smbd/server.c > In file included from include/includes.h:502, > from smbd/server.c:22: > include/proto.h:89: parse error before `tok' > smbd/server.c:497: conflicting types for `main' > include/proto.h:91: previous declaration of `main' > make: *** [smbd/server.o] Error 1 > > > Dave > > > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From lkcl at switchboard.net Wed Oct 28 14:38:24 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:38 2003 Subject: Broken tree In-Reply-To: Message-ID: ok, it's a little more complicated than i thought: try just removing lines 89 and 91 from proto.h. On Thu, 29 Oct 1998, Dave J. Andruczyk wrote: > > the CVS tree as of 9:23 AM (Eastern Std Time) won't compile, with the > following errors: > > > > Using LIBS = -lreadline -ldl -lcrypt -lpam > Compiling smbd/server.c > In file included from include/includes.h:502, > from smbd/server.c:22: > include/proto.h:89: parse error before `tok' > smbd/server.c:497: conflicting types for `main' > include/proto.h:91: previous declaration of `main' > make: *** [smbd/server.o] Error 1 > > > Dave > > > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From jallison at cthulhu.engr.sgi.com Wed Oct 28 17:06:01 1998 From: jallison at cthulhu.engr.sgi.com (Jeremy Allison) Date: Tue Dec 2 02:24:38 2003 Subject: FIX: NT sending null username effects %U expansion References: <19981028024433.21153.cpmta@fillmore.criticalpath.net> Message-ID: <36374EF9.F764437E@engr.sgi.com> thwartedefforts@wonky.org wrote: > > > I understand that. But this doesn't explain the explict copy of user to > sesssetup_user because that second if will _always_ succeed. I propose the > following patch to that second if in smbd/reply.c (against cvs 981026): > .... patch cut... > This change will make sesssetup_user be the same as user _only_ if samba is > not implictly forcing guest access when the client passes a null > username/password. I've tested this and am unable to reproduce the effect I > originally described. This also makes non-null sessions override each other > thereby changing what %U expands to and reading a different configuration file > if a different username is used -- I believe this is wanted effect. > I wrote the original code to do that test - and I missed the fact that the second test will always be true. I think your patch is nearly correct - the actual intent of the original code is : if((lp_security() != SEC_SHARE) || (*user && !guest)) pstrcpy(sesssetup_user,user); [You had : if(((lp_security() != SEC_SHARE) || *user) && !guest) pstrcpy(sesssetup_user,user); ] The intent was only to change sesssetup_user in share level security when a valid username was given. In user level security sesssetup_user should *always* be changed to match the incoming user (even if it's a null session). Cheers, Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From thwartedefforts at wonky.org Wed Oct 28 18:45:51 1998 From: thwartedefforts at wonky.org (thwartedefforts@wonky.org) Date: Tue Dec 2 02:24:38 2003 Subject: FIX: NT sending null username effects %U expansion Message-ID: <19981028184551.29142.cpmta@fillmore.criticalpath.net> On Wed, 28 October 1998, Jeremy Allison wrote: > I think your patch is nearly correct - the actual intent > of the original code is : > > if((lp_security() != SEC_SHARE) || (*user && !guest)) > pstrcpy(sesssetup_user,user); > The intent was only to change sesssetup_user in share level > security when a valid username was given. Well, you see I'm trying to work around (what Luke described as) a bug in NT4. It insists on sending a null username/password when it requests subsiquent share lists (it seems to send the logon username/password for the initial request). This screws up the list of configuration files read and shares disappear and reappear depending on the mood of NT4. Unfortunately, if the conditions are changed as you describe, the same effect still results (but, thankfully, it gets rid of that "always true" condition :) ). Note that I'm not using share level security. Your change doesn't seem to honor your requirements: > In user level security sesssetup_user should *always* be > changed to match the incoming user (even if it's a null > session). What does "incoming user" mean? Incoming from the client (in which case sesssetup_user should be "") or incoming after samba gets a chance to massage it (so it would be the value of lp_guestaccount() for null usernames). I'm confused here. %U is susposed to expand to the username the client sent, not the username that samba eventually assigned. Is assignment to the guest account not the same as assigning to a local UNIX user (via perhaps a map user or map file setting)? In my domain, I have no need for guest access in terms of file services so if a client is sending a null username over an already validated connection, I want it to use the validated username in the %U expansion. Keep in mind that sending a valid username (non-null) should override previous validations on the same connection. This should be acceptable for the cases where NT4 is going "Oh, I need to request the share list again, but I'm not going to tell the server who I am", and types of clients that are sending a username. Would an acceptable solution to this be to have a parameter like guest overrides valid user = yes/no (default yes) null overrides valid user = yes/no (default yes) or force guest username expansion = yes/no (default yes) or allow null username expansion = yes/no (default yes) And wrap a check for this around the assignmnt to sesssetup_user in the above if? I prefer the first set, they best describes what I'm trying to achieve (I can't think of any shorter parameter names), and offer the greatest configuration options. The defaults of yes keep the current behaviour. If we can agree on something, I'll write the patch. Andy. From lkcl at switchboard.net Wed Oct 28 19:00:36 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:38 2003 Subject: FIX: NT sending null username effects %U expansion In-Reply-To: <19981028184551.29142.cpmta@fillmore.criticalpath.net> Message-ID: On Thu, 29 Oct 1998 thwartedefforts@wonky.org wrote: > On Wed, 28 October 1998, Jeremy Allison wrote: > > > I think your patch is nearly correct - the actual intent > > of the original code is : > > > > if((lp_security() != SEC_SHARE) || (*user && !guest)) > > pstrcpy(sesssetup_user,user); > > > The intent was only to change sesssetup_user in share level > > security when a valid username was given. > > Well, you see I'm trying to work around (what Luke described as) a > bug in NT4. It insists on sending a null username/password when it > requests subsiquent share lists (it seems to send the logon > username/password for the initial request). This screws up the list > of configuration files read and shares disappear and reappear > depending on the mood of NT4. kit's not a bug in nt4: it's just that we have different processes for each connection. the _first_ connection, in one smbd process, must jave the username etc. the _second_ connection does not, because that's in a separate smbd process. From jallison at cthulhu.engr.sgi.com Wed Oct 28 19:14:26 1998 From: jallison at cthulhu.engr.sgi.com (Jeremy Allison) Date: Tue Dec 2 02:24:38 2003 Subject: FIX: NT sending null username effects %U expansion References: Message-ID: <36376D12.8ADBA7E@engr.sgi.com> Luke Kenneth Casson Leighton wrote: > > kit's not a bug in nt4: it's just that we have different processes for > each connection. the _first_ connection, in one smbd process, must jave > the username etc. the _second_ connection does not, because that's in a > separate smbd process. Well no, one NT client multiplexes multiple session connects down the same TCP pipe to the same smbd process. That's what the vuid is for - to tell different session connects apart within the same smbd. Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From cartegw at Eng.Auburn.EDU Wed Oct 28 19:20:58 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:38 2003 Subject: NTDOM FAQ info Message-ID: <36376E9A.3B07AA61@eng.auburn.edu> Just as an FYI... I have updated the FAQ a little ( had a coule of hours ). I have also created a ASCII version. There a link on the Table of Contents to downloaded it. New questions (Thanks to David Bannon) Q. How do I get remote password (unix and SMB) changing working ? A. .... Also, I'm solicting suggestions for the FAQ. Anybody got any ideas of things that need to be added? I'm not looking for site specific stuff. Just general info for * configuration * trouble shooting * profiles * policies * [you fill in] Thanks everyone, j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From thwartedefforts at wonky.org Wed Oct 28 19:31:42 1998 From: thwartedefforts at wonky.org (thwartedefforts@wonky.org) Date: Tue Dec 2 02:24:38 2003 Subject: FIX: NT sending null username effects %U expansion Message-ID: <19981028193142.18206.cpmta@fillmore.criticalpath.net> On Wed, 28 October 1998, Luke Kenneth Casson Leighton wrote: > kit's not a bug in nt4: it's just that we have different processes for > each connection. the _first_ connection, in one smbd process, must jave > the username etc. the _second_ connection does not, because that's in a > separate smbd process. Bug, different operation than NT 3.51 -- whatever. :) Are you saying that the second "process" is a different UNIX process? My tests show otherwise. From what I can gather, this is all happening over the same TCP connection to the same smbd process. I am specificly talking about multiple requests, not multiple network connections. smbstatus, netstat and ps show that multiple SMB connections to different shares use the same TCP connection and smbd process. If you are using the words connection and process in a SMB call way, then I agree that the second request sent by the client shouldn't require it to send a username over a previously validation connection, but that shouldn't make the server not use a username or implictly use the guest user. I don't care what the client is sending for a username/password or how predictably it's sending it (fighting for MS to produce predictable software is a loosing battle), but I do care that samba interpret what it receives predictably, thus my suggestion for new parameters at the end of that message. Andy. From lkcl at switchboard.net Wed Oct 28 19:47:15 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:38 2003 Subject: FIX: NT sending null username effects %U expansion In-Reply-To: <19981028193142.18206.cpmta@fillmore.criticalpath.net> Message-ID: > Are you saying that the second "process" is a different UNIX process? My tests show otherwise. From what I can gather, this is all happening over the same TCP connection to the same smbd process. I am specificly talking about multiple requests, not multiple network connections. smbstatus, netstat and ps show that multiple SMB connections to different shares use the same TCP connection and smbd process. jeremy's probably right. have you seen his message? From hr at woehr.de Wed Oct 28 20:22:07 1998 From: hr at woehr.de (Hans Reichenecker) Date: Tue Dec 2 02:24:38 2003 Subject: No ACCESS to another SAMBA-Server after DOMAIN-Access Message-ID: <000101be02b0$a2496050$70a29bc1@pc-edv-2.woehr.de> I?ve a WIN NT4.0 Wkst-PC labeled "PC-1" and access to PD Samba-Server "WOEHR". Loging in the DOMAIN "WOEHR" I?ve access to WOEHR but no ACCES to Samba-Server XYZ1 and XYZ2. ERROR-MSG: "Domain=[] NativeOS=[Windows NT 1381] NativeLanMan=[] sesssetupX:name=[] nobody is in 0 groups uid -2 registered to name nobody Clearing default real name 1998/10/28 21:09:14 Transaction 10 of length 66 switch message SMBtconX (pid 12445) Allowed connection from UNKNOWN (192.168.1.56) to hr ACCEPTED: validated uid ok as non-guest found free connection number 32 Connect path is /home/hr hr is in 1 groups 2 chdir to /home/hr chdir to /DatenVolume2/usr/local/samba/var/locks 1998/10/28 21:09:14 pc-ema-7 (192.168.1.56) connect to service hr as user hr (uid=0,gid=2) (pid 12445) 1998/10/28 21:09:14 tconX service=hr user=hr cnum=32 1998/10/28 21:09:14 Transaction 11 of length 74 switch message SMBtrans2 (pid 12445) chdir to /home/hr call_trans2qfsinfo: cnum = 32, level = 261 1998/10/28 21:09:14 Transaction 12 of length 82 switch message SMBopenX (pid 12445) chdir to /DatenVolume2/usr/local/samba/var/locks chdir to /tmp 1998/10/28 21:09:14 error packet at line 101 cmd=45 (SMBopenX) eclass=2 ecode=4 1998/10/28 21:09:15 Transaction 13 of length 82 switch message SMBopenX (pid 12445)" but there is no Problem when I log in a Domain "PC-1". I've access to all Servers (without any error-Message). Why ? Thanks OTTO W?HR GmbH??? Tel. 07044 46-0 Hans Reichenecker????? Tel. 07044 46-193 ?lgrabenstra?e 14?????? Fax 07044 46-149 D-71292 Friolzheim????? ? ? From twinders at SPC.cc.tx.us Wed Oct 28 21:38:14 1998 From: twinders at SPC.cc.tx.us (Tim Winders) Date: Tue Dec 2 02:24:38 2003 Subject: smbclient uses all interfaces? Message-ID: I have 5 network interfaces on my Samba server. In the smb.conf file I have listed only 4 of those interface on the interfaces= line. This works great for smbd. However, smbclient seems to ignore the interfaces= line and uses the 5th interface anyway. Is this known behavior or a bug? Thanks... Oh, this is CVS from 10/25/98 10pm Central Time. === Tim --------------------------------------------------------------------- | Tim Winders, CNE, MCSE | Email: TWinders@SPC.cc.tx.us | | Network Administrator | Phone: 806-894-9611 x 2369 | | South Plains College | Fax: 806-897-4711 | --------------------------------------------------------------------- From drobbins at obgyn.unm.edu Wed Oct 28 23:11:35 1998 From: drobbins at obgyn.unm.edu (Daniel Robbins) Date: Tue Dec 2 02:24:38 2003 Subject: NT4 Browsing Weirdness with picture References: Message-ID: <3637A4A7.192185E0@obgyn.unm.edu> The added ZERO_STRUCTP(str); call did not solve the problem. Sorry I can't help you out. I'll spend more time getting familiar with the code so that I can be more helpful. Thanks, -- Daniel Robbins System Administrator University of New Mexico drobbins@obgyn.unm.edu Luke Kenneth Casson Leighton wrote: > diff -u -w -b -B -r1.12 parse_misc.c > --- parse_misc.c 1998/10/27 15:03:47 1.12 > +++ parse_misc.c 1998/10/28 12:07:05 > @@ -475,6 +475,8 @@ > ********************************************************************/ > void make_unistr2(UNISTR2 *str, char *buf, int len) > { > + ZERO_STRUCTP(str); > + > /* set up string lengths. */ > str->uni_max_len = len; > str->undoc = 0; > > On Wed, 28 Oct 1998, Daniel Robbins wrote: > > > Hi, > > > > First, sorry about the blank messages! > > > > At about 2:45 MST 10/27/98, I got the latest build and compiled it, and I'm > > getting mangled share listings from the NT side, looking at the Samba server. > > This is happening under NT4 service pack 3 and 4. There's a GIF of this > > phenomenon at http://obgyn.unm.edu/~drobbins/sp4.gif -- Please take a look at > > it. Also, it seems to be mangled in different ways depending on the machine I > > use. But this picture is pretty typical (taken from a machine with SP4 on it). > > > > Regards, > > > > -- > > Daniel Robbins > > System Administrator > > University of New Mexico > > drobbins@obgyn.unm.edu > > > > Luke Kenneth Casson Leighton > Samba and Network Development > Samba and Network Consultancy From jht at aquasoft.com.au Thu Oct 29 10:09:36 1998 From: jht at aquasoft.com.au (John H Terpstra) Date: Tue Dec 2 02:24:38 2003 Subject: CVS Tree Problems Message-ID: <199810291009.VAA21061@aquasoft.com.au> Folks, I regret to advise that I have broken things in the CVS tree. Over the past few days I created a directory with a typo in it. Now it has been fixed but you will experience a panic upon checking out the code. The following is an excerpt of the error message you will receive. Quote: ====== cvs server: Updating packaging/PHT cvs server: Updating packaging/PHT/TurbotLinux cvs [server aborted]: cannot open directory /data/cvs/samba/packaging/PHT/TurbotLinux: No such file or directory The Fix: ======== To avoid this error message please make the following deletion: cd ~samba/packaging rm -rf PHT Then check out as you normally would. My apologies for any agony sufferers. Cheers, John H Terpstra -- =========================================================================== John H Terpstra, Director Telephone: +61 2 9524 4040 Aquasoft Pty Limited (ACN 050 057 488) Fax: +61 2 9540 4016 PO Box 105 Miranda NSW 2228 Australia Cellphone: +61 4 1935 3637 =========================================================================== Email: John.Terpstra@Aquasoft.Com.AU, jht@aquasoft.com.au =========================================================================== Inflation (n): Something done in the past to spend the future so we can experience the effect today. From pgmtekn at algonet.se Thu Oct 29 12:33:09 1998 From: pgmtekn at algonet.se (Michael Stockman) Date: Tue Dec 2 02:24:38 2003 Subject: USRMGR in W95 since 1998-10-18 Message-ID: <001d01be0338$49e74de0$0200a8c0@pgmtekn.emil.pgmt> Hello, What has happened to NMBD after 1998-10-18? In all CVS updates after that usrmgr.exe in W95 has reported that it is unable to find a domain controller for the samba controlled domain. The apparent action is this: 1. nmbd receives a packet to "\MAILSLOT\NET\NETLOGON", code = 7 2. nmbd decides that it is a GETDC request and reports EMIL domain PGMT 0xc ntversion=0 lm_nt token=0 lm_20 token=0, there is a dump of the response at the bottom. 3. nmbd sends that packet to "\MAILSLOT\NET\GETDC000" 4. usrmgr doesn't seem to get that and tries again (a couple of times, then gives in) => goto 1. Everything seems to be the same except for the response packet (I've go the old one at the bottom too). Best regards Michael Stockman pgmtekn-micke@algonet.se The new packet looks like this: [00] 0C 00 45 4D 49 4C 00 00 45 00 4D 00 49 00 4C 00 "..EMIL..E.M.I.L." [10] 00 00 50 00 47 00 4D 00 54 00 00 00 00 00 00 00 "..P.G.M.T......." [20] 00 00 00 00 "...." The old packet looked like this: [00] 0C 00 45 4D 49 4C 00 "..EMIL." Note: EMIL is my samba server and PGMT is my domain. From jar at hq.sifu.net Thu Oct 29 13:24:28 1998 From: jar at hq.sifu.net (Yaroslav L. Halchinsky) Date: Tue Dec 2 02:24:38 2003 Subject: Samba server + PAM_NTDOM Message-ID: hi, have anyone managed to make work together Samba server and PAM_NTDOM Samba running on FreeBSD 2.2.7 accepts domain logons from NT workstations but PAM returns something like "NT server responded - wrong password" and there is strange msg in samba log file [1998/10/29 14:46:10, 0] lib/util.c:client_addr(3753) getpeername failed, errcode Socket operation on non-socket iceberg (0.0.0.0) closed connection to service IPC$ does this mean that Samba can't accept logons from PAM_NTDOM now? or this is a PAM_NTDOM problem? Regards, Yaroslav Halchinsky From icoupeau at unav.es Thu Oct 29 13:16:03 1998 From: icoupeau at unav.es (Ignacio Coupeau) Date: Tue Dec 2 02:24:38 2003 Subject: USRMGR truncates a final digit from usernames References: <001d01be0338$49e74de0$0200a8c0@pgmtekn.emil.pgmt> Message-ID: <36386A93.463EB689@unav.es> Hello, I tested the PDC version from 981028 (and 981027) in a linux RH and NT WS 4SP3. The USRMGR truncates a final digit from smbpasswd usernames when a user list from SAMBA PCD is retrieved; so "www" is displayed as "ww"; "icoupeau" as "icoupea", and so forth... I suppose is a bug... thx ____________________________________________________ Ignacio Coupeau, Ph.D. e-mail: icoupeau@unav.es CTI, Director fax: +48 425619 University of Navarra voice: +48 425600 Pamplona, SPAIN http://www.unav.es/cti/ From lkcl at switchboard.net Thu Oct 29 15:29:29 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:38 2003 Subject: NT4 Browsing Weirdness with picture In-Reply-To: <3637A4A7.192185E0@obgyn.unm.edu> Message-ID: On Wed, 28 Oct 1998, Daniel Robbins wrote: > The added ZERO_STRUCTP(str); call did not solve the problem. Sorry I can't help you very odd: it did for me. hm. From lkcl at switchboard.net Thu Oct 29 16:27:33 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:38 2003 Subject: USRMGR in W95 since 1998-10-18 In-Reply-To: <001d01be0338$49e74de0$0200a8c0@pgmtekn.emil.pgmt> Message-ID: can someone send me a trace against an NT server so i can code it up properly? i don't have (and don't want) win95. luke On Thu, 29 Oct 1998, Michael Stockman wrote: > Hello, > > What has happened to NMBD after 1998-10-18? In all CVS updates after > that usrmgr.exe in W95 has reported that it is unable to find a domain > controller for the samba controlled domain. The apparent action is > this: > > 1. nmbd receives a packet to "\MAILSLOT\NET\NETLOGON", code = 7 > 2. nmbd decides that it is a GETDC request and reports EMIL domain > PGMT 0xc ntversion=0 lm_nt token=0 lm_20 token=0, there is a dump of > the response at the bottom. > 3. nmbd sends that packet to "\MAILSLOT\NET\GETDC000" > 4. usrmgr doesn't seem to get that and tries again (a couple of times, > then gives in) => goto 1. > > Everything seems to be the same except for the response packet (I've > go the old one at the bottom too). > > Best regards > Michael Stockman > pgmtekn-micke@algonet.se > > The new packet looks like this: > [00] 0C 00 45 4D 49 4C 00 00 45 00 4D 00 49 00 4C 00 > "..EMIL..E.M.I.L." > [10] 00 00 50 00 47 00 4D 00 54 00 00 00 00 00 00 00 > "..P.G.M.T......." > [20] 00 00 00 00 "...." > > The old packet looked like this: > [00] 0C 00 45 4D 49 4C 00 "..EMIL." > > Note: EMIL is my samba server and PGMT is my domain. > > > > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From lkcl at switchboard.net Thu Oct 29 16:28:35 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:38 2003 Subject: Samba server + PAM_NTDOM In-Reply-To: Message-ID: i need to update pam_ntdom: i have made many changes, some of them subtle, to samba: corrections. On Fri, 30 Oct 1998, Yaroslav L. Halchinsky wrote: > hi, > have anyone managed to make work together Samba server and PAM_NTDOM > Samba running on FreeBSD 2.2.7 accepts domain logons from NT workstations > but PAM returns something like "NT server responded - wrong password" > and there is strange msg in samba log file > > [1998/10/29 14:46:10, 0] lib/util.c:client_addr(3753) > getpeername failed, errcode Socket operation on non-socket > iceberg (0.0.0.0) closed connection to service IPC$ > > does this mean that Samba can't accept logons from PAM_NTDOM now? > or this is a PAM_NTDOM problem? > > Regards, > Yaroslav Halchinsky > > > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From lkcl at switchboard.net Thu Oct 29 16:30:31 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:38 2003 Subject: USRMGR truncates a final digit from usernames In-Reply-To: <36386A93.463EB689@unav.es> Message-ID: darn, yes it is. the problem is that i need to get exactly the right setup to keep nt4 sp3 and nt4 sp4 happy. On Fri, 30 Oct 1998, Ignacio Coupeau wrote: > Hello, > > I tested the PDC version from 981028 (and 981027) in a linux RH and NT > WS 4SP3. The USRMGR truncates a final digit from smbpasswd usernames > when a user list from SAMBA PCD is retrieved; so > "www" is displayed as "ww"; "icoupeau" as "icoupea", and so forth... > > I suppose is a bug... > > thx > > ____________________________________________________ > Ignacio Coupeau, Ph.D. e-mail: icoupeau@unav.es > CTI, Director fax: +48 425619 > University of Navarra voice: +48 425600 > Pamplona, SPAIN http://www.unav.es/cti/ > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From mk at quadstone.com Thu Oct 29 16:46:13 1998 From: mk at quadstone.com (Michael Keightley) Date: Tue Dec 2 02:24:38 2003 Subject: only domain administrators get their profile Message-ID: <4498.199810291646@subnode.quadstone.com> We're running samba-1.9.19 as a PDC already. I downloaded the latest version of samba-2.0.0-alpha11 today via cvs and installed it on another machine using a test domain. Only users in the "domain admin group" get their profile. In fact if you're not in this list you can't even change your screen background! What's changed? Here's our smb.conf. [global] workgroup = SPONG hosts allow = 194.80.190. 192.168.191. 127. interfaces = 194.80.190.2/255.255.255.128 server string = Quadstone SAMBA Server %h printcap name = /usr/local/share/samba/var/printcap domain master=yes domain logons = yes local master = yes preferred master = yes wins support = yes os level = 65 encrypt passwords = yes nis homedir = true security = user guest account = nobody passwd program = /home/samba_gromit/samba/bin/smbpasswd logon script = netlogon.bat logon drive = q: domain admin group = tkld mk jfh ane domain groups = Users [printers] printing = sysv path = /home/samba_gromit/samba/var/spool/public public = yes writable = no printable = yes [homes] comment = Home Directories browseable = yes guest ok = yes writable = yes [netlogon] path = /home/samba_gromit/samba/netlogon writeable = no guest ok = yes locking = no public = no [software] comment = PC software path = /home/PC writeable = yes browseable = yes guest ok = no [admin-share] comment = Admin Share path = /home/admin writeable = no public = no write list = @admin force group = admin force create mode = 764 force directory mode = 775 [dhmart-share] comment = DH Marketing Share path = /home/dhmart writeable = no public = no write list = @dhmart force group = dhmart force create mode = 764 force directory mode = 775 [legal-share] comment = Legal Share path = /home/legal writeable = no public = no write list = @legal force group = legal force create mode = 764 force directory mode = 775 [template-share] comment = Template Share path = /home/PC/template writeable = no public = no write list = @templates force group = templates force create mode = 764 force directory mode = 775 _________ Michael Keightley Tel: +44 131 220 4491 Systems Manager Fax: +44 131 220 4492 Quadstone Limited WWW: http://www.quadstone.com From jallison at cthulhu.engr.sgi.com Thu Oct 29 17:44:38 1998 From: jallison at cthulhu.engr.sgi.com (Jeremy Allison) Date: Tue Dec 2 02:24:38 2003 Subject: [Fwd: USRMGR in W95 since 1998-10-18] Message-ID: <3638A986.4E74280E@engr.sgi.com> Michael Stockman wrote: > What has happened to NMBD after 1998-10-18? In all CVS updates after > that usrmgr.exe in W95 has reported that it is unable to find a domain > controller for the samba controlled domain. The apparent action is > this: .. > Everything seems to be the same except for the response packet (I've > go the old one at the bottom too). .. > The new packet looks like this: > [00] 0C 00 45 4D 49 4C 00 00 45 00 4D 00 49 00 4C 00 > "..EMIL..E.M.I.L." > [10] 00 00 50 00 47 00 4D 00 54 00 00 00 00 00 00 00 > "..P.G.M.T......." > [20] 00 00 00 00 "...." > > The old packet looked like this: > [00] 0C 00 45 4D 49 4C 00 "..EMIL." > > Note: EMIL is my samba server and PGMT is my domain. Luke, this is the unicode change you made to GETDC in nmbd. Can you (or maybe Gerald?) check that the change you made in the 2.0 stream still allows Win95/98 machines to work correctly with Samba set up as a Win95 "logon server", not as a PDC. It is essential we don't ship 2.0 with this feature broken as this is what most sites use to serve logon scripts etc. Cheers, Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From lkcl at switchboard.net Thu Oct 29 17:55:10 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:38 2003 Subject: [Fwd: USRMGR in W95 since 1998-10-18] In-Reply-To: <3638A986.4E74280E@engr.sgi.com> Message-ID: > Luke, this is the unicode change you made to GETDC > in nmbd. i know. it leads me to believe that we are not distinguishing the various different UDP mailslots sufficiently. you can get GETDC calls with random values, and i think this is used to ensure that the answer goes back to the right place. this is different from NET\NETLOGON and NET\NTLOGON etc. need some network traffix examples. > Can you (or maybe Gerald?) check that the > change you made in the 2.0 stream still allows Win95/98 > machines to work correctly with Samba set up as a Win95 > "logon server", not as a PDC. gerry can you get some samples - please? From cartegw at Eng.Auburn.EDU Thu Oct 29 21:12:55 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:38 2003 Subject: [Fwd: USRMGR in W95 since 1998-10-18] References: Message-ID: <3638DA57.8C78368B@eng.auburn.edu> Luke Kenneth Casson Leighton wrote: > > i know. it leads me to believe that we are not > distinguishing the various different UDP mailslots > sufficiently. you can get GETDC calls with random > values, and i think this is used to ensure that the > answer goes back to the right place. > > this is different from NET\NETLOGON and NET\NTLOGON etc. > > need some network traffix examples. > > gerry can you get some samples - please? I've been recompiling the code. What type of sniffs do you need. I've got several sniffs on hand of netlogons using various the GETDC### slots. Do you want those? If you need something else, let me know how to reproduce it. I'll verify the Win9x logons shortly. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From lkcl at switchboard.net Thu Oct 29 21:23:35 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:38 2003 Subject: [Fwd: USRMGR in W95 since 1998-10-18] In-Reply-To: <3638DA57.8C78368B@eng.auburn.edu> Message-ID: > > gerry can you get some samples - please? > > I've been recompiling the code. What type of sniffs do > you need. I've got several sniffs on hand of netlogons > using various the GETDC### slots. Do you want those? argh, yes. actually, a text-printout of the relevant section from netmon from just one of them would do. > I'll verify the Win9x logons shortly. ok, if that fails: again, i'll need a text-out to fix it. thanks, dear! From lkcl at switchboard.net Thu Oct 29 21:54:39 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:38 2003 Subject: domain group and local group API needed In-Reply-To: Message-ID: ok, this is what i have so far: "local group map = " "domain group map = " "smb group file = " (default is /usr/local/samba/private/smbgroup) the group map has the same format as "map username". smbgroup is the same format as /etc/group, except that you specify nt groups in here not unix groups. luke From jallison at cthulhu.engr.sgi.com Thu Oct 29 22:21:11 1998 From: jallison at cthulhu.engr.sgi.com (Jeremy Allison) Date: Tue Dec 2 02:24:39 2003 Subject: USRMGR in W95 since 1998-10-18 References: Message-ID: <3638EA57.DB9132E5@engr.sgi.com> Luke Kenneth Casson Leighton wrote: > > can someone send me a trace against an NT server so i can code it up > properly? i don't have (and don't want) win95. > Yeah but >99% of Samba users *do* have & use Win95 so we can't just change GETDC to work with NT only. If you can't test against Win95 then I'll have to put the code back the way it was (non UNICODE) so at least it works for the more typical case (Samba users using Win95) rather than the rare case (Samba users using a Samba PDC with NT). But I'd rather it just worked with both '95 & NT - any chance of you working on that (but *soon* - remember the 2.0 branch.....) ? Cheers, Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From jallison at cthulhu.engr.sgi.com Thu Oct 29 22:40:23 1998 From: jallison at cthulhu.engr.sgi.com (Jeremy Allison) Date: Tue Dec 2 02:24:39 2003 Subject: domain group and local group API needed References: Message-ID: <3638EED7.B892C940@engr.sgi.com> Luke Kenneth Casson Leighton wrote: > > ok, this is what i have so far: > > "local group map = " > "domain group map = " > the group map has the same format as "map username". > Looks good.... > "smb group file = " (default is /usr/local/samba/private/smbgroup) > > smbgroup is the same format as /etc/group, except that you specify nt > groups in here not unix groups. > Is this the PDC "Domain Groups" database ? If so can we call it "domain group file" instead of "smb group file". That way, people know that it only has meaning when you're using Samba as a PDC. Cheers, Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From lkcl at switchboard.net Thu Oct 29 23:03:04 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:39 2003 Subject: domain group and local group API needed In-Reply-To: <3638EED7.B892C940@engr.sgi.com> Message-ID: On Thu, 29 Oct 1998, Jeremy Allison wrote: > Luke Kenneth Casson Leighton wrote: > > > > ok, this is what i have so far: > > > > "local group map = " > > "domain group map = " > > the group map has the same format as "map username". > > > > Looks good.... > > > "smb group file = " (default is /usr/local/samba/private/smbgroup) > > > > smbgroup is the same format as /etc/group, except that you specify nt > > groups in here not unix groups. > > > > Is this the PDC "Domain Groups" database ? yes. > If so can > we call it "domain group file" instead of "smb group > file". That way, people know that it only has meaning > when you're using Samba as a PDC. that would confuse the issue. a user's groups is a list of RIDs. those RIDs can be either local groups or domain groups. a name of "domain group file" would imply that it is not possible to have users in local groups. plus, if we name it "domain group file" then we really need "smb password file" to be renamed "domain password file". plus, in the case of when you are a member of a domain, this option still has relevance (and so does the "smb password file"). in this case: - the smb passwd file becomes a list of local accounts - the smb group file can contain only local groups (no domain groups). because the samba server (as a member of a domain) is still responsible for its own "local SAM". so, i am tired. i can think of lots of reasons why naming it "domain group file" is a confoosing thing: do you, or anyone else, have any suggestions? luke From drobbins at obgyn.unm.edu Thu Oct 29 23:26:07 1998 From: drobbins at obgyn.unm.edu (Daniel Robbins) Date: Tue Dec 2 02:24:39 2003 Subject: NT4 Browsing Weirdness with picture References: Message-ID: <3638F98F.807D9B08@obgyn.unm.edu> Well, I got the latest from CVS again, and it didn't solve the problem. I did some further testing, and found that this problem does *not* occur when using smbclient or from Win95. It only happens from NT4 (Tested from NT Workstation SP3 and SP4, and NT Server with SP3). Also note that the IPC Service share has the name of: "IPC$IPC Service (myserver)A|||{02a36f10-2f6f-11cf-8ce4-00aa003ca9f6}" (note: the '|' characters are actually fat vertical bars, not standard |'s) This showed up on our NT Server with service pack 3 when we browsed our test samba server "myserver", which is part of our NT domain. I hope that maybe those extra characters that I listed will help you diagnose the problem. Please let me know if there is any more information that you need. Regards, -- Daniel Robbins System Administrator University of New Mexico drobbins@obgyn.unm.edu Luke Kenneth Casson Leighton wrote: > On Wed, 28 Oct 1998, Daniel Robbins wrote: > > > The added ZERO_STRUCTP(str); call did not solve the problem. Sorry I can't help you > > very odd: it did for me. hm. -------------- next part -------------- HTML attachment scrubbed and removed From drobbins at obgyn.unm.edu Thu Oct 29 23:30:55 1998 From: drobbins at obgyn.unm.edu (Daniel Robbins) Date: Tue Dec 2 02:24:39 2003 Subject: NT4 Browsing Weirdness with picture Message-ID: <3638FAAF.EB8E7BDC@obgyn.unm.edu> Oy, I have to remember to turn off HTML messages from communicator... the list doesn't like them! Sorry guys! Well, I got the latest from CVS again, and it didn't solve the problem. I did some further testing, and found that this problem does *not* occur when using smbclient or from Win95. It only happens from NT4 (Tested from NT Workstation SP3 and SP4, and NT Server with SP3). Also note that the IPC Service share has the name of: "IPC$IPC Service (myserver)A|||{02a36f10-2f6f-11cf-8ce4-00aa003ca9f6}" (note: the '|' characters are actually fat vertical bars, not standard |'s) This showed up on our NT Server with service pack 3 when we browsed our test samba server "myserver", which is part of our NT domain. I hope that maybe those extra characters that I listed will help you diagnose the problem. Please let me know if there is any more information that you need. Regards, -- Daniel Robbins System Administrator University of New Mexico drobbins@obgyn.unm.edu Luke Kenneth Casson Leighton wrote: > On Wed, 28 Oct 1998, Daniel Robbins wrote: > > > The added ZERO_STRUCTP(str); call did not solve the problem. Sorry I > can't help you > > very odd: it did for me. hm. From jallison at cthulhu.engr.sgi.com Fri Oct 30 00:23:04 1998 From: jallison at cthulhu.engr.sgi.com (Jeremy Allison) Date: Tue Dec 2 02:24:39 2003 Subject: domain group and local group API needed References: Message-ID: <363906E8.E3EE0A7C@engr.sgi.com> Luke Kenneth Casson Leighton wrote: > > > that would confuse the issue. a user's groups is a list of RIDs. those > RIDs can be either local groups or domain groups. a name of "domain group > file" would imply that it is not possible to have users in local groups. > > plus, if we name it "domain group file" then we really need "smb password > file" to be renamed "domain password file". > > plus, in the case of when you are a member of a domain, this option still > has relevance > > in this case: > > - the smb passwd file becomes a list of local accounts > - the smb group file can contain only local groups (no domain groups). > But that is the purpose of the UNIX /etc/group file. You do not need another group file in the "member of a domain" case. Remember, in the case of a Samba server which is a member of a domain, the UNIX /etc/group file (or whatever remote queried equivalent) specifies what groups a particular user is in. It is this group list that is used by Samba to setgroups() to when Samba becomes the UNIX uid for that user. It is this group that defines the access permissions for smbd on behalf of that user. All the groups in that list are, by definition, groups *local* to that UNIX server. Samba servers that are members of a domain can have no concept of "Domain" groups - such a thing simply doesn't exist in UNIX. Now Samba acting as a PDC needs to serve out Domain groups to NT clients and server. These systems understand the difference between Local and Domain groups, so such a file makes more sense in this case, as you want an Administrator to be able to create arbitrarily named Domain groups that users in the Domain SAM (in this case the smbpasswd file) can be put into. The original idea of the "groupname map" code was to allow the UNIX /etc/groups database to be the master group file for a system. However, as NT systems tend to have specific meanings for groups (eg. the Administrators group) then the groupname map file was envisaged in a similar way as the username map to allow the UNIX names to be mapped into the NT names. I think we need to have some serious discussions about the use of groups in the code before you check any of your changes into the code tree. Currently I don't have your new phone number at ISS, can you email it to me so we can chat about this. Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From lkcl at switchboard.net Fri Oct 30 00:51:38 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:39 2003 Subject: domain group and local group API needed In-Reply-To: <363906E8.E3EE0A7C@engr.sgi.com> Message-ID: On Thu, 29 Oct 1998, Jeremy Allison wrote: > Luke Kenneth Casson Leighton wrote: > > > > > > that would confuse the issue. a user's groups is a list of RIDs. those > > RIDs can be either local groups or domain groups. a name of "domain group > > file" would imply that it is not possible to have users in local groups. > > > > plus, if we name it "domain group file" then we really need "smb password > > file" to be renamed "domain password file". > > > > plus, in the case of when you are a member of a domain, this option still > > has relevance > > > > in this case: > > > > - the smb passwd file becomes a list of local accounts > > - the smb group file can contain only local groups (no domain groups). > > > > But that is the purpose of the UNIX /etc/group file. You > do not need another group file in the "member of a domain" > case. ok, then we have two password database API implementations, already :-) 1) private/smbgroup 2) /etc/group i now have one "semi" working, it's cool :) i had to fudge srv_lsa.c's lookupnames code... > Remember, in the case of a Samba server which is a member > of a domain, the UNIX /etc/group file (or whatever remote > queried equivalent) specifies what groups a particular > user is in. It is this group list that is used by Samba > to setgroups() to when Samba becomes the UNIX uid for > that user. It is this group that defines the access > permissions for smbd on behalf of that user. All the > groups in that list are, by definition, groups *local* > to that UNIX server. > > Samba servers that are members of a domain can have > no concept of "Domain" groups - such a thing simply > doesn't exist in UNIX. that is absolutely correct: the concept does not exist on unix. _however_, that has nothing to do with us letting samba administrators split "unix" groups up into two categories: - unix groups which, through samba and the use of the "map domaingroup file" parameter tell NT wkstas that the unix group looks like, to the NT wksta, as if it is a "domain group". this, as i think you are going point out below, is only possible when samba is in "PDC" mode not "member of domain" mode. - unix groups which, through samba and the use of the "map localgroup file" parameter tell NT wkstas that the unix group looks like, to the NT wksta, as if it is a "local group". this can even fool NT workstations into thinking that the unix group is in a totally different NT domain. this option can be used in both PDC and member modes, and is in fact the only option available in "member" mode. BOTH these categories map onto REAL, LOCAL, unix groups, and yes, unix knows absolutely nothing about what a local group or a domain group is, doesn't care, doesn't matter, is completely irrelevant etc etc and _still_ doesn't affect the fact that we can fool NT machines into thinking that local and/or domain groups exist. > The original idea of the "groupname map" code was > to allow the UNIX /etc/groups database to be the > master group file for a system. ah. there are actually two sets of functionality required, with two categories in each: - unix to nt group-fooling-code ( :-) ) the two categories are: local groups and domain groups. in each category, the mapping required is: local_unix_group DOMAIN_NAME\group name that means that, for any given local group or domain group, in any given domain, you can fool NT machines into thinking that such a concept exists, and the unix security model still stands up. i have modified smbd/groupname.c to be able to do the above. - SAM database groups the two categories, again, are: local groups and domain groups. in the local group category, the entries in each local group are: SID DOMAIN_NAME\group name sid_name_use in the domain group category, the entries are: USER rid group name this is completely independent of the above "group-fooling" system. i have to do some more thinking, ok, about what the issues are. get a clear picture of the components etc. From kjm at coe.neu.edu Fri Oct 30 01:28:30 1998 From: kjm at coe.neu.edu (Kyle McDonald) Date: Tue Dec 2 02:24:39 2003 Subject: domain group and local group API needed References: <363906E8.E3EE0A7C@engr.sgi.com> Message-ID: <3639163E.CB84BDD7@coe.neu.edu> Hi all. I may be about to open my mouth and insert my foot, but here it goes anyway. I thought I might be a good judge on what the "average user" might interpret these options to mean - considering I am very new to this whole SAMBA thing... so here's my two cents: It seems(from my reading so far) that these are the desired functionality, even if these are not the current names: local user map = domain user map = local group map = domain group map = These all seem straight forward so far. they seem to cover all of the mapping options needed. As for the files, It seems that the desired functionality would include: (again some of these may exist, some may not) local user file = domain user file = local group file = domain group file = Considering that all users have to be in both the unix passwd file and the smbpasswd file, I think it might be good to follow the same logic with having all the groups in both the unix group file and an smbgroup file. The confusing part will be when the smbgroup file puts a user in one set of groups which map to one set of unix groups, and the unix group file puts the user into another (possibly overlapping) set of unix groups. But I do see the point of letting an administrator get all of the functionality of a real NT server. The last question remaining seems to be do you really need to make the local and domain distinctions in each of these settings. In the case of the user and group files, might it not be possible to add a field which specified if the user (or group) was for the domain or only the local machine? In the case of the user and group maps, I'm not sure you even need this distinction. Can't a unix group only map to one smbgroup? does it matter (during the mapping) if that group is local or domain? I think (and I might be wrong) that you can't have a local users or group with the same name as a domain user or group - and if if you can, I don't know if it makes much sense to do so. Therefore you should be able to map a unix user or group to a SMB user or group with out specifying wether it is local or domain... Let the new field, or which ever file it is found in determine that. This would leave you with: user map = group map = user file = group file = ( and I might suggest using db instead of file ) Now, I could be totally off my rocker. and maybe I've missed a totally important idea in here somewhere, but This is my novice view point of how I would expect these settings to work. Just my 2 cents, and even though curiosity killed the cat, I would be interested in learning where and why I'm wrong. -Kyle -- _ -------------------------------ooO( )Ooo------------------------------- Kyle J. McDonald (o o) Systems Analyst/ Northeastern University ||||| Applications Programmer College of Engineering email: kjm@coe.neu.edu 360 Huntington Ave. 230SN \\\// voice: (617)373-3361 Boston MA 02115 (o o) fax: (617)373-8504 -------------------------------ooO(_)Ooo------------------------------- From kjm at coe.neu.edu Fri Oct 30 01:35:58 1998 From: kjm at coe.neu.edu (Kyle McDonald) Date: Tue Dec 2 02:24:39 2003 Subject: domain group and local group API needed References: Message-ID: <363917FE.37859809@coe.neu.edu> > > > > Samba servers that are members of a domain can have > > no concept of "Domain" groups - such a thing simply > > doesn't exist in UNIX. > Yes, but an administrator MIGHT want to map one of the domain groups (from the PDC for the domain samba is a member of) to a unix group, right? Is there some better way to do this? -Kyle -- _ -------------------------------ooO( )Ooo------------------------------- Kyle J. McDonald (o o) Systems Analyst/ Northeastern University ||||| Applications Programmer College of Engineering email: kjm@coe.neu.edu 360 Huntington Ave. 230SN \\\// voice: (617)373-3361 Boston MA 02115 (o o) fax: (617)373-8504 -------------------------------ooO(_)Ooo------------------------------- From thwartedefforts at wonky.org Fri Oct 30 02:19:40 1998 From: thwartedefforts at wonky.org (thwartedefforts@wonky.org) Date: Tue Dec 2 02:24:39 2003 Subject: null session %U expansion (patch) Message-ID: <19981030021940.16741.cpmta@fillmore.criticalpath.net> No one responded with comments concerning the implementation of a workaround for when a client sends a null username over an already validated connection and how that effects %U expansion, so I implemented it with parameters that enable it or disable it. A patch and a readme are available at http://homepage.interaccess.com/~abakun/samba/ It would be really cool if someone out there in samba land could evaluate this patch for fitness and possibly apply it to the cvs tree, or at the very least tell me what I'm doing wrong. The contents of the readme are as follows: This works around an aspect of NT4 wherein the NT4 client sends a request to samba over a connection that has already been validated, but does not include a username/password. When a username is not specified by the client, samba automaticly assigns guest permissions and changes the value that %U expands to. This can make things confusing if have macro expansions in include files that depend on things like the username. Two new global parameters are added: null overrides valid user expansion = yes/no (default yes) guest overrides valid user expansion = yes/no (default yes) When set to no, implict guest access will not change the expansion of of %U (sesssetup_user). The default being yes makes samba use the original behaviour. The files patched are: source/params/loadparam.c source/smbd/reply.c docs/smb.conf.5 From greg at discreet.com Fri Oct 30 13:45:24 1998 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:24:39 2003 Subject: Makefile syntax error Message-ID: Seems like the Makefile has some syntax problem in the latest cvs fetch if I use the IRIX make. gmake works fine though. Using LIBS = #@if (: >> .deps/smbd/server.o || : > .deps/smbd/server.o) >/dev/null 2>&1; then :; \ # else dir=.deps/`echo smbd/server.o | sed 's,/[^/]*$,,;s,^$,.,'` \ # || exec false; \ if test -d "$dir"; then :; else \ echo mkdir "$dir"; \ mkdir -p "$dir" >/dev/null 2>&1 || \ test -d "$dir" || \ mkdir "$dir" || \ exec false; fi || exec false; fi; rm -f .deps/smbd/server.o .deps/smbd/server.od sh: syntax error near unexpected token `;' *** Error code 1 (bu21) This is with bash as SHELL. any ideas? Thanks, Greg --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet logic Montreal (514) 954-7171 greg@discreet.com From cartegw at Eng.Auburn.EDU Fri Oct 30 16:21:26 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:39 2003 Subject: domain group and local group API needed References: <363906E8.E3EE0A7C@engr.sgi.com> <3639163E.CB84BDD7@coe.neu.edu> Message-ID: <3639E786.C37DD908@eng.auburn.edu> Kyle McDonald wrote: > > The last question remaining seems to be do you really need > to make the local and domain distinctions in each of these > settings. Yes. I belive so due to the fact that a local group RID is tagged onto the local MACHINE SID and the domain group RID is tagged onto the domain SID. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From cartegw at Eng.Auburn.EDU Fri Oct 30 16:25:56 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:39 2003 Subject: domain group and local group API needed References: <363917FE.37859809@coe.neu.edu> Message-ID: <3639E894.E859C7B0@eng.auburn.edu> Kyle McDonald wrote: > > > > > > > Samba servers that are members of a domain can have > > > no concept of "Domain" groups - such a thing simply > > > doesn't exist in UNIX. > > Yes, but an administrator MIGHT want to map one of > the domain groups (from the PDC for the domain samba > is a member of) to a unix group, right? > > Is there some better way to do this? Don't think it would matter as the group membership is defined by the PDC. The unix account is used to get the uid. But then if you mapped the DOMAINS ADMINS group to some group on the unix box, that would only affect connections to the unix box right? I'm just trying to think of possible security problems. Just kind of cloudy right now. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From lkcl at switchboard.net Fri Oct 30 16:28:28 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:39 2003 Subject: domain group and local group API needed In-Reply-To: <3639163E.CB84BDD7@coe.neu.edu> Message-ID: long, involved, important response. On Fri, 30 Oct 1998, Kyle McDonald wrote: > Hi all. > > I may be about to open my mouth and insert my foot, but here > it goes anyway. > > I thought I might be a good judge on what the "average user" > might interpret these options to mean - considering I am > very new to this whole SAMBA thing... > > so here's my two cents: > > It seems(from my reading so far) that these are the desired > functionality, even if these are not the current names: > > local user map = > domain user map = you also need "trust domain user map =". you can "combine" these by extending "map username" functionality to: DOMAIN_NAME\user = unix_usr WKSTA_NAME\user = unix_usr2 TRUSTED_DOM\user = unix_usr3 TRUSTED_DOM2\user = unix_usr4 > local group map = > domain group map = you also need, in the same way: trusted dom,ain local group map = trusted domain domain group map = workstation local group map = YOU CANNOT HAVE: workstation domain group map = - the workstation SAM does not support domain groups, try running MUSRMGR.EXE and tell me if you ever see a domain group or anythin other than local users :-) and again, all these can be "combined" into a local goup map and domain group map by allowing DOMAIN_NAME\local_group = unix_group1 WKSTA_NAME\local_group = unix_group2 ... and by allowing DOMAIN_NAME\domain_group = unix_group5 TRUSTED_DOM\domain_group = unix_group6 and by *disallowing* WKSTA_NAME\domain_group = unix_group7 > These all seem straight forward so far. they seem to cover all > of the mapping options needed. yes, they do, as far as i can make out. > As for the files, It seems that the desired functionality > would include: (again some of these may exist, some may not) > > local user file = > domain user file = in the case where samba = PDC, these are the same. in the case where samba = domain-member ("security = domain"), the "local user map" = private/smbpasswd, with usernames in private/smbpasswd being verified against /etc/passwd. the "domain user map" = _the pdc's domain users_ being verified against /etc/passwd. and, what is important is that this situation need not change. can anyone, however, spot the mistake in the "security = domain" case? that when accessing a "domain" user or a when accessing a "local" user (which are equivalent to logging in to the "domain" and logging into the "workstation" respectively), it is possible that the may be mapped to the same entry in /etc/passwd, if there exists and acount DOMAIN_NAME\fred and _also_ WORKSTATION_NAME\fred. this is a mistake, and i hope to rectify it by extending the "map username" functionality to be able to specify DOMAIN_NAME\fred = fred2. yes, it's horrible: it's also the same problem as with trusted domains. > local group file = > domain group file = i _think_.... i _think_ you can only add "rids" to a user. theeerreforrre... you only need "group file = private/smbgroup". see, what it means is that if you want a user to belong to another domain's group(s), you must create a "local group"; add the foriegn group to the "local group" and then add the local group to the user's groups. _now_ i finally understand why the SAM database calls these "Aliases", vecause you have to have "aliases" for foriegn groups in order to add users to those forieng groups (indirectly). now. if we allow people to put users into arbitrary groups in /etc/group, some of those groups are going to be mapped to "foriegn" groups, whether they be domain, local, trusted domain, workstation groups etc etc. this will be a potential source of configuration mistakes. argh. however, if we get people to put entries in private/smbgroup, and say "you will put NT names in here not unix names", then there is less temptation to put TRUSTED_DOMAIN\group_name in private/smbgroup, and we can detect this easily and point out in log file messages that this is a problem. explaining in log file messages that "hey, you put someone in a unix group, and that unix group is actually mapped to a TRUSTED_DOMAIN\group_name and i'm sorry, you can't do that, you must only put users into groups that i can map to a rid of your own domain"... you get the picture? using unix /etc/group there is a level of indirection that you cannot really explain in a simple manner, because /etc/group could potentially be used to map hundreds of different groups across many different domains: private/smbgroup should be used to map hundreds of different groups across only _one_ domain: the one that the samba server is responsible for. i'm not saying that we shouldn't do it, i'm just saying that if we do, it's going to create us a configuration nightmare (my user can't join a group in another domain, i've tried adding it to /etc/group and it doesn't work: what am i doing wrong?) > Considering that all users have to be in both the unix passwd > file and the smbpasswd file, I think it might be good to > follow the same logic with having all the groups in both > the unix group file and an smbgroup file. yes. well, actually, all users in smbpasswd have to be in the unix passwd, but not vice-versa. the same should apply to smbgroup and grou. > The confusing part will be when the smbgroup file puts a user > in one set of groups which map to one set of unix groups, and > the unix group file puts the user into another (possibly > overlapping) set of unix groups. this will be a configuration error, and i will have to detect it and throw a log message. > But I do see the point of letting an administrator get all > of the functionality of a real NT server. particularly as i intend to have "USRMGR.EXE" manage all this, so if you can use "USRMGR.EXE" and you can live with having some errors thrown up if you haven't got your /etc/group and "map local group" and "map domain group" parameters set up... oh, in "appliance" mode, those errors would not occur, by the way. > The last question remaining seems to be do you really need > to make the local and domain distinctions in each of these > settings. yes, very much so (except for PDC mode, in which "local user file == domain user file"). > In the case of the user and group files, might it not be > possible to add a field which specified if the user (or group) > was for the domain or only the local machine? um... with respect to user files, i think i covered this: if you are a PDC, there _Are_ no local machine users; if you are not a PDC, you are _not_ responsible for the domain users, the PDC is, you are only responsible for local users, so there is no problem. i think the same logic applies to the local group files and also to the domain group files: you simply aren't responsible for anyone elses' accounts except your own. please, please please bear in mind that there are two totally separate issues here: - creating a SAM database (users,groups - domain and local), whether it's local-machine-sam or a domain-sam - mapping arbitratry DOMAIN_NAME\rid (or SID-rid) stuff into the UNIX world. > In the case of the user and group maps, I'm not sure you even > need this distinction. i think you are confusing the two issues i just mentioned above. > Can't a unix group only map to one > smbgroup? correct, and it's a configuration error if you use "local domain map=" and "domain map =" to produce a non-monotonic mapping. > does it matter (during the mapping) if that group > is local or domain? yes. if you want to avoid massive configuration problems. > I think (and I might be wrong) that you can't have a local > users or group with the same name as a domain user or group - absolutely correct. the namespace must be unique, in a particular SAM/Domain, across - users - local groups - domain groups i just tried it out: i tried adding a group with the same name as a user, the same name as a local group etc etc: it failed. > and if if you can, I don't know if it makes much sense to do > so. it certainly does not, i agree. > Therefore you should be able to map a unix user or group > to a SMB user or group with out specifying wether it is local > or domain... this does not follow > Let the new field, or which ever file it is found > in determine that. however, this does :-) > This would leave you with: > > user map = > group map = > user file = > group file = this works if you have the "field" you propose. > ( and I might suggest using db instead of file ) this is something else under consideration. > Now, I could be totally off my rocker. and maybe I've missed > a totally important idea in here somewhere, but This is my > novice view point of how I would expect these settings to work. you're pretty much on the mark, and you made me think of a couple of valid points. so, thanks. From lkcl at switchboard.net Fri Oct 30 16:44:15 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:39 2003 Subject: domain group and local group API needed In-Reply-To: <3639E894.E859C7B0@eng.auburn.edu> Message-ID: > But then if you mapped the DOMAINS ADMINS group > to some group on the unix box, that would only affect > connections to the unix box right? i don't know what you mean by "affect" but i think the answer is yes. From lkcl at switchboard.net Fri Oct 30 17:35:15 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:39 2003 Subject: USRMGR in W95 since 1998-10-18 In-Reply-To: <3638EA57.DB9132E5@engr.sgi.com> Message-ID: On Fri, 30 Oct 1998, Jeremy Allison wrote: > Luke Kenneth Casson Leighton wrote: > > > > can someone send me a trace against an NT server so i can code it up > > properly? i don't have (and don't want) win95. > > > > Yeah but >99% of Samba users *do* have & use Win95 > so we can't just change GETDC to work with NT only. > > If you can't test against Win95 then I'll have to put > the code back the way it was (non UNICODE) so at least > it works for the more typical case (Samba users using Win95) > rather than the rare case (Samba users using a Samba PDC > with NT). that breaks an NT case if you put it back the way it was. like i said in an earlier message, we do not make sufficient distinction between the various cases. > But I'd rather it just worked with both '95 & NT - any > chance of you working on that (but *soon* - remember > the 2.0 branch.....) ? i need traces. From lkcl at switchboard.net Fri Oct 30 17:40:41 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:39 2003 Subject: domain group and local group API needed In-Reply-To: <199810301735.SAA01754@navier.rug.ac.be> Message-ID: On Fri, 30 Oct 1998, Dirk De Wachter wrote: > > long, involved, important response. > > > > On Fri, 30 Oct 1998, Kyle McDonald wrote: > (and much deleted...) > > > > > I think (and I might be wrong) that you can't have a local > > > users or group with the same name as a domain user or group - > > > > absolutely correct. the namespace must be unique, in a particular > > SAM/Domain, across > > > > - users > > - local groups > > - domain groups > > > > i just tried it out: i tried adding a group with the same name as a > > user, the same name as a local group etc etc: it failed. > NT allows us to have a WKSTA\Administrator and PDC\Administrator > account which are definitely different. The former can only > administrate the local workstation, while the latter is responsible > for the complete DOMAIN. correct: they have totally different SIDs, one each for WKSTAT and another for PDC, therefore they are totally different: thank you for clarifying this point, which i forgot to mention. try, however, adding a group named "Administrator" to PDC or WKSTA domains: you will find that it fails. From jallison at cthulhu.engr.sgi.com Fri Oct 30 17:45:55 1998 From: jallison at cthulhu.engr.sgi.com (Jeremy Allison) Date: Tue Dec 2 02:24:39 2003 Subject: USRMGR in W95 since 1998-10-18 References: Message-ID: <3639FB53.69A445C1@engr.sgi.com> Luke Kenneth Casson Leighton wrote: > > > that breaks an NT case if you put it back the way it was. like i said in > an earlier message, we do not make sufficient distinction between the > various cases. > Yes, but remember - serving logins for Win95/98 works perfectly in the current (1.9.18p10) stable release. We will not release Samba2 and break that. If it causes trouble for NT when using a Samba PDC then until we get a handle on the problem then we have to go with the more common case for our users - which is to support Win95/98. Just to scare you - remember *millions* of people & Samba installations are depending on us to get this right & not ship broken code - I kid you not ! That sometimes keeps me awake at nights.... Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From jallison at cthulhu.engr.sgi.com Fri Oct 30 18:00:54 1998 From: jallison at cthulhu.engr.sgi.com (Jeremy Allison) Date: Tue Dec 2 02:24:39 2003 Subject: null session %U expansion (patch) References: <19981030021940.16741.cpmta@fillmore.criticalpath.net> Message-ID: <3639FED6.E7085897@engr.sgi.com> thwartedefforts@wonky.org wrote: > > No one responded with comments Sorry about that - I've been just a bit busy... > concerning the implementation > of a workaround for when a client sends a null username over > an already validated connection and how that effects %U > expansion, so I implemented it with parameters that enable > it or disable it. > > A patch and a readme are available at > > http://homepage.interaccess.com/~abakun/samba/ > > It would be really cool if someone out there in samba land > could evaluate this patch for fitness and possibly apply > it to the cvs tree, or at the very least tell me what > I'm doing wrong. > Yeah I took a look at it and I'm not convinced it's needed. Resons follow. > This works around an aspect of NT4 wherein the NT4 > client sends a request to samba over a connection that > has already been validated, but does not include a > username/password. When a username is not specified by > the client, samba automaticly assigns guest permissions > and changes the value that %U expands to. This can make > things confusing if have macro expansions in include > files that depend on things like the username. > The cases we need to look at here are, firstly security=share. This is the case that the sesssetup_user global was created for - it keeps the last used username around as with share level security you have no vuid's in an smb packet to determine the user. With all other 'security=' levels every packet contains a valid vuid number which is checked before access is allowed. As a part of that check the client user name that was authenticated to produce that vuid is copied into the sesssetup_user global to ensure that %U macro expansion works correctly in the context of that smb request. The only issue is when a null sessionsetupandX is sent. This will create a valid vuid, but currently sets the authenticated user name to the UNIX user designated as the Samba 'guest' account, instead of a blank string. That this means is that all %U macro expansions done when an SMB request with this vuid comes in will map to the Samba UNIX 'guest' user, rather than become blank. All we need to decide is if this is desired behaviour, and if not, what username we want to use for %U macro expansion for an anonymous connection. My argument would be that the current behaviour, which is to use the Samba UNIX 'guest' name, is the correct one and then document it. If you don't think it's desired behaviour then what name to do want %U to map to when SMB packets come in that are from an anonymous session ? Cheers, Jeremy Allison, Samba Team. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From lkcl at switchboard.net Fri Oct 30 18:12:08 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:39 2003 Subject: USRMGR in W95 since 1998-10-18 In-Reply-To: <3639FB53.69A445C1@engr.sgi.com> Message-ID: > Just to scare you - remember *millions* of people & > Samba installations are depending on us to get this ssh! i'm not scared! but other people might be :-) From lkcl at switchboard.net Fri Oct 30 19:08:22 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:39 2003 Subject: null session %U expansion (patch) In-Reply-To: <3639FED6.E7085897@engr.sgi.com> Message-ID: > If you don't think it's desired behaviour then what name > to do want %U to map to when SMB packets come in that > are from an anonymous session ? this is not quite the right question. the behaviour (incorrect behaviour) we are seeing is when you get this: - null connection to ipc$ - Netwkstagetinfo call - auth connection either another sessetupX or a tconX with user the behaviour (correct behaviour) occurs when: - auth connection (sessetupX with username etc) plus tconX to a share - null connection (tconX to ipc$) - netwkstagetinfo call the behaviour is caused by microsoft's "breaking" of the domain rules, which were added so that lose95 and other non-nt-domain clients could browse nt domain machines anonymously. however, they must be compatible with nt 3.1 and nt 3.5/3.51 which do not allow such anonymous connections. therefore, if we refuse anonymous connections, then clients will "revalidate" with a non-anonymous connection (usr, pass, domain) immediately, and _then_ do a netwkstagetinfo call, and we will be in a position to respond correctly. can we add a "restrict anonymous" option to refuse all null session connections, which i believe will fix this problem once and for all: we've been over and over this for approximately eighteen months, it keeps coming up. luke From thwartedefforts at wonky.org Fri Oct 30 21:13:50 1998 From: thwartedefforts at wonky.org (thwartedefforts@wonky.org) Date: Tue Dec 2 02:24:39 2003 Subject: null session %U expansion (patch) Message-ID: <19981030211350.9669.cpmta@fillmore.criticalpath.net> On Fri, 30 October 1998, Jeremy Allison wrote: > Sorry about that - I've been just a bit busy... Understandable. > The cases we need to look at here are, firstly security=share. > This is the case that the sesssetup_user global was created > for - it keeps the last used username around as with share > level security you have no vuid's in an smb packet to > determine the user. Note that my patch treats security=share independantly of the other security levels, always giving the original behaviour in this case, no matter what the values of the new parameters. > With all other 'security=' levels every packet contains > a valid vuid number which is checked before access is > allowed. I'd like to verify this myself (not that I don't trust you, just that I want to fully understand). Unfortunately, I don't think it will apply anyway, because in reply_sesssetup_and_X, the vuid stuff isn't used in the place where it's assigning to sesssetup_user. Perhaps it should be. > As a part of that check the client user name that was > authenticated to produce that vuid is copied into the > sesssetup_user global to ensure that %U macro expansion > works correctly in the context of that smb request. > > The only issue is when a null sessionsetupandX is sent. > This will create a valid vuid, but currently sets the > authenticated user name to the UNIX user designated as > the Samba 'guest' account, instead of a blank string. > > That this means is that all %U macro expansions done > when an SMB request with this vuid comes in will map > to the Samba UNIX 'guest' user, rather than become blank. > > All we need to decide is if this is desired behaviour, > and if not, what username we want to use for %U macro > expansion for an anonymous connection. Is this connection really anonymous? It was previously validated, and it is the same connection. The behaviour of the client I'm seeing is that I open up in Window's Explorer my samba machine. I click on a share. The share's contents show up, and then between 2 and 5 seconds later, the share contents refresh _without_ user intervention, and apparently reply_sesssetup_and_X is being called again, but with an empty username. This effects the reload_services call, and the names of the configuration files it subsiquently reads. It seems this only happens once, no matter which share I open. If I open a second share, the client doesn't end up invoking reply_sesssetup_and_X again. This is all using NT4SP3 client. I observe the same thing (refresh) when I connect to a NT4SP3 Server, rather than samba, although it doesn't actually do anything because you can't configure NT Server to have different configurations based on user. > My argument would be that the current behaviour, which > is to use the Samba UNIX 'guest' name, is the correct one > and then document it. I would agree if this was occuring over a competely new connection, but my tests show that it's not. The connection is previously validated, which is proven(?) by the value of sesssetup_user that is being overwritten. > If you don't think it's desired behaviour then what name > to do want %U to map to when SMB packets come in that > are from an anonymous session ? If it's from a previously validated session, I want %U to not change (keep it's previous value). If it's a completely new connection that is anonymous, then the specified guest user. Also, I notice that reply_sesssetup_and_X is doing the guest account detection and assignment, but then it goes on to call map_username. Isn't the mapping to the guest account the same as mapping to any other unix user? Andy. From jallison at cthulhu.engr.sgi.com Fri Oct 30 21:44:54 1998 From: jallison at cthulhu.engr.sgi.com (Jeremy Allison) Date: Tue Dec 2 02:24:39 2003 Subject: null session %U expansion (patch) References: <19981030211350.9669.cpmta@fillmore.criticalpath.net> Message-ID: <363A3356.4B380605@engr.sgi.com> thwartedefforts@wonky.org wrote: > > On Fri, 30 October 1998, Jeremy Allison wrote: > > With all other 'security=' levels every packet contains > > a valid vuid number which is checked before access is > > allowed. > > I'd like to verify this myself (not that I don't trust you, just > that I want to fully understand). Unfortunately, I don't think > it will apply anyway, because in reply_sesssetup_and_X, the vuid > stuff isn't used in the place where it's assigning to > sesssetup_user. Perhaps it should be. > reply_sesssetup_and_X is where new vuids get *created*. It is essentially the SMB "logon" call. In non-share level security Samba creates the vuid in this call and then sends it back to the client. > > Is this connection really anonymous? It was previously > validated, and it is the same connection. You are mistaking "connections" with TCP connections. When I refer to a validated SMB connection I mean an existing user vuid - created by a sessionsetupandX call. Multiple SMB user connections are multiplexed down one TCP connection to one smbd - that's why we have the multiple vuid code in Samba. > The behaviour > of the client I'm seeing is that I > open up in Window's Explorer my samba machine. I click > on a share. The share's contents show up, and then between > 2 and 5 seconds later, the share contents refresh _without_ > user intervention, and apparently reply_sesssetup_and_X is > being called again, but with an empty username. This > effects the reload_services call, and the names of the > configuration files it subsiquently reads. It seems this > only happens once, no matter which share I open. If > I open a second share, the client doesn't end up invoking > reply_sesssetup_and_X again. > What you are reporting here seems to be a client bug, as Luke pointed out. The problem is that you as a user have authenticated to Samba using sessionsetupandX and have received a vuid. The client machine also does a sessionsetupandX *independently of your logon* as an anonymous user and receives a vuid for this (anonymous) user. When you ask for a list of resources, the machine seems to be doing the request to list the shares as you (using your vuid), however, when it refreshes it sometimes seems to be sending the request using the anonymous vuid it obtained for itself. This is a really nasty bug to fix for Samba, as we *must* believe the incoming vuid from the client as all our authentication decisions are based upon it. (Yes this does mean that if you can spoof a TCP session and use a known vuid then the SMB protocol is open to filesystem hijack, but I'm sure you already knew that :-). > This is all using NT4SP3 client. I observe the same thing > (refresh) when I connect to a NT4SP3 Server, rather than > samba, although it doesn't actually do anything because > you can't configure NT Server to have different > configurations based on user. > There's the rub. That's why they probably haven't detected and fixed this client bug in NT, because their servers can't give different resource lists per vuid - Samba can. > I would agree if this was occuring over a competely new > connection, but my tests show that it's not. The connection > is previously validated, which is proven(?) by the value of > sesssetup_user that is being overwritten. > The value of the vuid is the critical factor here. If two SMB requests contain different vuids, then it's a different user as far as Samba is concerned. > If it's from a previously validated session, I want %U to > not change (keep it's previous value). If it's a completely > new connection that is anonymous, then the specified guest > user. Can't do that if it's a different vuid in the SMB request. That would break any security the vuid provides. The Samba code does what you want now *provided the vuid is the same* ! Cheers, Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. --------------------------------------------------------