dhruva | 1 Feb 06:17 2007
Picon

Debugging/tracing talloc

Hi,
 In the port of Samba on OpenVMS (we are working on based on Samba
3.0.23d), we are facing a consistent crash from init_registry() that
arises from a call to free memory. This happens only the first time
(in the absence of registry.tdb). We just have to restart Samba and
things work fine. I am trying to fix this problem and hence would like
to know if there are any ways to log/trace talloc calls.

with best regards,
dhruva

--

-- 
Dhruva Krishnamurthy
Contents reflect my personal views only!

ahmed.feroz | 1 Feb 07:07 2007

PnP on windows vista RTM-build 6000


Hi when I do Point and Print between windows vista and samba print
server the PnP is aborting by popping up an error message

"Windows cannot connect to the printer. Operation could not be completed
(error 0x0000000d)". can some one let me know what is the reason for
this bug...

Thanks & Regards

Feroz Ahmed

Wipro Technologies

Bangalore

Tel: +91-80-28440011 Ext 18124

Direct No.+91-80-30298124

Cell: +91-9880157370

The information contained in this electronic message and any attachments to this message are intended for
the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged
information. If you are not the intended recipient, you should not disseminate, distribute or copy this
e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. 

WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any
attachments for the presence of viruses. The company accepts no liability for any damage caused by any
virus transmitted by this email.
(Continue reading)

Jeremy Allison | 1 Feb 07:39 2007
Picon

Re: PnP on windows vista RTM-build 6000

On Thu, Feb 01, 2007 at 11:37:05AM +0530, ahmed.feroz <at> wipro.com wrote:
> 
> Hi when I do Point and Print between windows vista and samba print
> server the PnP is aborting by popping up an error message
> 
> "Windows cannot connect to the printer. Operation could not be completed
> (error 0x0000000d)". can some one let me know what is the reason for
> this bug...

I've just committed some fixes for Vista printing into
the main svn tree. Should be fixed in the next release.
(we hope).

Jeremy.

Volker Lendecke | 1 Feb 10:19 2007
Picon

Re: Debugging/tracing talloc

On Thu, Feb 01, 2007 at 10:47:04AM +0530, dhruva wrote:
> In the port of Samba on OpenVMS (we are working on based on Samba
> 3.0.23d), we are facing a consistent crash from init_registry() that
> arises from a call to free memory. This happens only the first time
> (in the absence of registry.tdb). We just have to restart Samba and
> things work fine. I am trying to fix this problem and hence would like
> to know if there are any ways to log/trace talloc calls.

Add DEBUG() statements to talloc.c :-)

Volker
Volker Lendecke | 1 Feb 11:05 2007
Picon

Re: cli_NetSessionEnum with additional parameter

On Wed, Jan 31, 2007 at 06:22:14PM -0500, seanmkim <at> aim.com wrote:
>  It will be nice to have this in the next release. I just
>  thought I would share.

.... Patch missing.... :-)

Although probably doing the same with the corresponding RPC
functions would be more the way to go these days, with the
RAP functions for example you see only shares up to 12 chars
in length.

Volker
Picon

Enhancement to allow winbindd to parse fully qualified kerberos names???

Hi Jerry, Jeremy and Guenther,
Volker pointed me towards you guys to consider this:

I have a need for winbindd to be able to parse fully qualified kerberos
names, eg:

    ddmc <at> WTEC.ADAPPS.HP.COM, etc.

I use a simple pam_kerberos authentication to an Active Directory
domain, with winbind providing the sid <-> uid map resolution.  (I've
submitted a paper proposal to SambaXP about this, so perhaps I'll get to
talk about it there ;-) )  So IF I set up my HP-UX box such:

password server = wtec-dc1.wtec.adapps.hp.com, * 
realm = WTEC.ADAPPS.HP.COM netbios name = gwen workgroup = WTEC security
= ADS

# Winbindd section:
idmap uid = 10000-20000
idmap gid = 20000-30000
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
template shell = /bin/sh
Template home directory = /home/%D/%U

Then I can login to my HP-UX system by just providing a ms windows user
name from the WTEC.ADAPPS.HP.COM AD domain - since 'winbind use default
domain = yes', when nsswitch pushes the request to winbindd, it prepends
the domain name to my username, and  WTEC\ddmc is found.  (We do this
(Continue reading)

Guenther Deschner | 1 Feb 18:17 2007
Picon

Re: Enhancement to allow winbindd to parse fully qualified kerberos names???

Hi Don,

the main problem I see with this approach (beside the trusted domains) is that 
you'll end with the requirement that user <at> REALM.COM always needs to have a 
corresponding sammaccountname of REALM.COM\user. You cannot rely on that as 
in AD you can:

a) have a sammaccountname of "REALM.COM\otheruser" and a upn 
of "user <at> REALM.COM" and 
b) assign arbitrary upnsuffixes to domains, ending up potentially with a upn 
in the form of "EXAMPLE.CO.UK\otheruser" and a sammaccountname 
of "user <at> REALM.COM".

The only way I can think of implementing that (without proper DsCrackName 
support) is to do a kind of poor-mans-Cracknames which consists of two 
additional LSA lookups: 
1) LsaLookupName(upn) returning a sid and 
2) LsaLookupSid(sid) to get the "classic" NT4 name format back. 

The additional roundtrips can be limited only on the PAM logon - when using 
the new kerberized pam_winbind. I had got something like that running a 
longer time ago for testing. Then again, you can nicely confuse PAM and NSS 
with such a drastic username change from PAM logon till the NSS getpwnam.

Just my 2 cents.

Guenther

--

-- 
G√ľnther Deschner                    GPG-ID: 8EE11688
(Continue reading)

James Peach | 1 Feb 18:23 2007
Picon

Re: svn commit: samba r21111 - in branches/SAMBA_3_0/source: modules param smbd

On Feb 1, 2007, at 7:11 AM, vlendec <at> samba.org wrote:

> Author: vlendec
> Date: 2007-02-01 15:11:06 +0000 (Thu, 01 Feb 2007)
> New Revision: 21111
>
> WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21111
>
> Log:
> Reorganize the change notify params a bit. We now have the per-share
> parameters
>
> change notify = [yes]/no           # do we do it at all
> kernel change notify = [yes]/no    # enable/disable inotify
>
> Those who want FAM need to say
>
> change notify = yes
> vfs objects = notify_fam

I would have thought that both inotify and FAM should be modules?

--
James Peach | jpeach <at> samba.org

simo | 1 Feb 18:29 2007
Picon

Re: Enhancement to allow winbindd to parse fully qualified kerberos names???

On Thu, 2007-02-01 at 18:17 +0100, Guenther Deschner wrote:
> Hi Don,
> 
> the main problem I see with this approach (beside the trusted domains) is that 
> you'll end with the requirement that user <at> REALM.COM always needs to have a 
> corresponding sammaccountname of REALM.COM\user. You cannot rely on that as 
> in AD you can:
> 
> a) have a sammaccountname of "REALM.COM\otheruser" and a upn 
> of "user <at> REALM.COM" and 
> b) assign arbitrary upnsuffixes to domains, ending up potentially with a upn 
> in the form of "EXAMPLE.CO.UK\otheruser" and a sammaccountname 
> of "user <at> REALM.COM".
> 
> The only way I can think of implementing that (without proper DsCrackName 
> support) is to do a kind of poor-mans-Cracknames which consists of two 
> additional LSA lookups: 
> 1) LsaLookupName(upn) returning a sid and 
> 2) LsaLookupSid(sid) to get the "classic" NT4 name format back. 
> 
> The additional roundtrips can be limited only on the PAM logon - when using 
> the new kerberized pam_winbind. I had got something like that running a 
> longer time ago for testing. Then again, you can nicely confuse PAM and NSS 
> with such a drastic username change from PAM logon till the NSS getpwnam.

I think it would be worth to have this.
Could make life easier in many cases imo.

Simo.

(Continue reading)

Volker Lendecke | 1 Feb 18:49 2007
Picon

Re: svn commit: samba r21111 - in branches/SAMBA_3_0/source: modules param smbd

On Thu, Feb 01, 2007 at 09:23:27AM -0800, James Peach wrote:
> I would have thought that both inotify and FAM should be modules?

I thought about that, but decided against it. We want to
have inotify as a default if it is available, FAM only as a
fallback for platforms which do not have inotify. So by
default it would have to be a static module, I don't want
smbd to fail if it is not correctly installed.

We can move inotify to modules/ if someone comes up with an
alternative implementation of a different mechanism on, say,
FreeBSD that provides an equally accepted interface. Should
be easily possible. And if you feel like it, just do it :-)

Volker

Gmane