Greg Silverman | 5 Aug 03:56 2015
Picon

Building on OS X Yosemite

Seeing incomplete type compile errors: HKEY_RPC.

Looks like it wants to use the Windows registry. ???

Sent from my iPhone

Greg Silverman | 5 Aug 01:36 2015
Picon

Cygwin

Hi,

I am trying to build samba on cygwin. I have at least these 2 problems:

1. The dll's are created with names that contain version numbers. I assume that on linux symbolic links to
those so's would be created without version numbers. On windows I can get around this problem by copying a
dll to a file with the correct name or creating symbolic links on the command line.

2. The smbregistry dll cannot be built because several functions are not available in the input libraries,
such as, db_open and load_parm_int. The dbwrap dll is built but it does not contain the .o
file for dbwrap_open.c.

Any help would be greatly appreciated.

Thanks,

Greg

Richard Sharpe | 5 Aug 00:58 2015
Picon

What was the resolution about why we are talking to DCs when a client authenticates with Kerberos

Hi folks,

I recall some discussion that we were contacting DCs even when a
client authenticates with Kerberos 5.

There was a suggestion that we should not be doing that.

Was the investigation of why we are doing it completed? What was the resolution?

--

-- 
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)

Stefan Metzmacher | 4 Aug 23:19 2015
Picon

[Announce] Samba 4.3.0rc2 Available for Download

Release Announcements
=====================

This is the second release candidate of Samba 4.3.  This is *not*
intended for production environments and is designed for testing
purposes only.  Please report any defects via the Samba bug reporting
system at https://bugzilla.samba.org/.

Samba 4.3 will be the next version of the Samba suite.

UPGRADING
=========

Nothing special.

NEW FEATURES
============

Logging
-------

The logging code now supports logging to multiple backends.  In
addition to the previously available syslog and file backends, the
backends for logging to the systemd-journal, lttng and gpfs have been
added. Please consult the section for the 'logging' parameter in the
smb.conf manpage for details.

Spotlight
---------

(Continue reading)

Volker Lendecke | 4 Aug 18:42 2015
Picon

Re: Need Help regarding tellDir support on samba for Android

Hi!

One more hint: A reference how VFS-level directory handling
might work can be found in the vfs_dirsort.c module. In
fact, if I think about it: This might already solve your
problem with the additional benefit of sorting the directory
entries.

Volker

On Tue, Aug 04, 2015 at 12:46:12PM +0200, Volker Lendecke wrote:
> On Tue, Aug 04, 2015 at 06:51:28AM +0000, Anoop Singh wrote:
> > Hi Volker,
> > 
> > Thanks for your kind mail. I was able to debug this issue and came to conclusion that functions telldir and
seekdir needs to be implemented.
> > This is due to the reason I am using an Android device which doesn't have these supports.
> > My Android device is based upon Bionic system. I got telldir.c file which is used in BSD system. Here is the
code link
> > http://www.ic.unicamp.br/~islene/2s2008-mo806/libc/sysdeps/unix/bsd/telldir.c
> > 
> > But the same code won't work in bionic system.
> > 
> > It would be great if you could let me know telldir.c file or how to implement telldir and seekdir in bionic system?
> > Your help will be greatly appreciated.
> 
> No, sorry, I can't really tell how to extend the bionic libc. I've never
> seen such a system. You might get away without telldir and seekdir
> by implementing the readdir semantics in a VFS module and intercept
> telldir/seekdir. You could either do the full readdir scan at opendir time
(Continue reading)

Andrew Bartlett | 4 Aug 00:59 2015
Picon

[PATCH] Allow Huawei Unified Storage System S5500 V3 to join the AD DC

This patch allows the Huawei Unified Storage System S5500 V3 to join a
Samba AD DC.  It appears to have a hand-rolled GSSAPI implementation
that is compatible with Windows, but not the spec.

Upstream Heimdal has chosen to be compatible with Windows in this case,
see: https://github.com/heimdal/heimdal/pull/134

I acknowledge that concerns were raised in a private forum regarding
this being unconditional, however as the patch has been accepted as
presented here into upstream Heimdal, it is best that we import it
directly. 

Note: For the MIT Kerberos port, this sadly does mean we will need to
implement the gssapi_krb5 GENSEC mech, as the fake_gssapi method there
is currently the only test for this codepath. 

Thanks,

Andrew Bartlett
--

-- 
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team         https://samba.org
Samba Development and Support, Catalyst IT   
https://catalyst.net.nz/services/samba

(Continue reading)

Webmaster IESCDM | 3 Aug 16:42 2015
Picon

Sysprep joins fail on Samba >= 4.2.0

Hi,

We have a samba 4.2.2 setup compiled from source, single DC, internal DNS.
We've been using this samba setup in production since version 4.0.3. All
clients are Windows 7-x64.

Since we upgraded to samba 4.2.0 back in march 2015, we are not able to
join client machines to the domain using our sysprep unattended image, but
joining machines via the manual procedure using the Windows GUI works
perfectly.

Perhaps we're overlooking something very obvious, but we've done 3+ weeks
of research on the issue and we've come up to these conclusions:

- samba < 4.2.0: unattended joins using sysprep work OK

- samba >= 4.2.0 unattended joins using sysprep fail. Netsetup.log errors
0x54a and 1354 (ERROR_INVALID_DOMAIN_ROLE This operation is only allowed
for the primary Domain Controller of the domain.)

To discard possible own database corruptions, we've rolled back to our past
4.1.17 setup and sysprep domain join works flawlessly. Then we update this
environment to 4.2.2 and it stops working.

We've also tested pushing all our current databases from our current setup
(4.2.2) into a 4.1.17 samba and it works!

So it leads us to think it might be a problem with some change introduced
at 4.2.0
regarding domain join that only shows up when trying to do unattended joins.
(Continue reading)

Anoop Singh | 3 Aug 14:22 2015

Need Help regarding tellDir support on samba for Android

Dear Group Members

I am working on providing samba share on my customized Android device.
I am able to share a directory but when I drop a file from windows machine to shredFolder through the network,
It doesn't allow.
I see the file is getting created on the device but the content of the file is not copied means file size on the
device is zero.

Here is the log.smbd pointer:

telldir not implemented on Android

  STATUS=daemon 'smbd' finished starting up and ready to serve connections PANIC (pid 26576):
sys_set_vfs_quota: called with NULL pointer

I need help to fix this issue urgently.
How can we provide tellDir support on Android. Do I need to make some code replacement in samba wherever
tellDir is used?

Please let me know the solution.

Thanks & regards,
Anoop.

-----------------------------------------------------------------------------------------------------------------------------
DISCLAIMER: This electronic message and any attachments to this electronic message is intended for the
exclusive use of the addressee(s) named herein and may contain legally privileged and confidential
information. It is the property of Celstream Technologies Private Limited. If you are not the intended
recipient, you are hereby strictly notified not to copy, forward, distribute or use this message or any
attachments thereto. If you have received this message in error, please delete it and all copies thereof,
(Continue reading)

Anoop C S | 3 Aug 09:22 2015
Picon

[PATCH] Some coverity fixes

Hi all,

Reviews are welcome.

Thanks,
Anoop C S.
Uri Simchoni | 3 Aug 00:23 2015
Picon

Kerberos AES encryption and older samba versions

Hi,

I see that for a samba 3.3.x-based setup working against a Server
2008R2 RODC, sometimes the Kerberos AS request with pre-authentication
data gets a reply of KRB5KDC_ERR_ETYPE_NOSUPP. The PA-DATA is
encrypted with eTYPE-AES256-CTS-HMAC-SHA1-96, although this machine
does not have the msDS-SupportedEncryptionTypes attribute set -
Heimdal is supporting AES, does not honor "default_tgs_enctypes" (at
least the version used), and just goes ahead and tries AES.

The strange thing is that it mostly works, except when it isn't
working. Does anyone know if it's a known issue (RODC being picky
about encryption types in preauth, validating them against
msDS-SupportedEncryptionTypes)?

If that's the cause of the issue, what's the best course of action
(e.g. just set msDS-SupportedEncryptionTypes, or is it more involved
than that. Perhaps I should just disable AES in the KRB lib)

Thanks,
Uri.

Matthias Dieter Wallnöfer | 2 Aug 22:29 2015
Picon

[PATCH] Compilation warning

Stumbled over when building on a 32 bit system. Please review!

Matthias
diff --git a/source4/torture/ndr/samr.c b/source4/torture/ndr/samr.c
index 91bb4d7..589ce72 100644
--- a/source4/torture/ndr/samr.c
+++ b/source4/torture/ndr/samr.c
 <at>  <at>  -294,8 +294,8  <at>  <at>  static bool samr_changepassworduser3_w2k8r2_out_check(struct torture_context *tc
 	torture_assert_int_equal(tctx, dominfo->min_password_length, 7, "min_password_length");
 	torture_assert_int_equal(tctx, dominfo->password_history_length, 0, "password_history_length");
 	torture_assert_int_equal(tctx, dominfo->password_properties, DOMAIN_PASSWORD_COMPLEX, "password_properties");
-	torture_assert_u64_equal(tctx, dominfo->max_password_age, 0xffffdeff0aa68000, "max_password_age");
-	torture_assert_u64_equal(tctx, dominfo->min_password_age, 0x0000000000000000, "min_password_age");
+	torture_assert_u64_equal(tctx, dominfo->max_password_age, 0xffffdeff0aa68000ULL, "max_password_age");
+	torture_assert_u64_equal(tctx, dominfo->min_password_age, 0x0000000000000000ULL, "min_password_age");

 	torture_assert_int_equal(tctx, reject->extendedFailureReason, SAM_PWD_CHANGE_NOT_COMPLEX, "extendedFailureReason");
 	torture_assert_int_equal(tctx, reject->filterModuleName.length, 0, "filterModuleName.length");

Gmane