[Samba] Samba 4.1 DFS Share only access by administrator

Showing 1-15 of 15 messages
[Samba] Samba 4.1 DFS Share only access by administrator Daniel Müller 12/4/13 1:40 AM
Dear all,

I am testeing the dfs functions with Samba4.
In my global section: host msdfs=yes
vfs objects = dfs_samba4
Later on setting a dfs root:

[dfs]
        path = /windows/dfs
        read only = No
        msdfs root = Yes

ls -s  the shares in this root.

lrwxrwxrwx  1 root root   19  2. Dez 09:29 difaem -> msdfs:linux2\difaem
lrwxrwxrwx  1 root root   20  2. Dez 09:29 leitung -> msdfs:linux2\leitung
lrwxrwxrwx  1 root root   30  2. Dez 09:30 programmassistenz ->
msdfs:linux2\programmassistenz


[root@linux2 windows]# getfacl dfs
# file: dfs
# owner: root
# group: root
user::rwx
user:root:rwx
group::r-x
group:root:r-x
group:users:r-x
group:3000002:rwx
group:DIFAEM\134Domain\040Admins:rwx
mask::rwx
other::r-x
default:user::rwx
default:user:root:rwx
default:group::r-x
default:group:root:r-x
default:group:users:r-x
default:group:3000002:rwx
default:group:DIFAEM\134Domain\040Admins:rwx
default:mask::rwx
default:other::r-x


On the single shares the users can login without any issue.
When trying to connect over [dfs] access is denied. Only administrator can
login the shares!?

What has changed since samba3?

Greetings
Daniel

-----------------------------------------------
EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen

Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mue...@tropenklinik.de
Internet: www.tropenklinik.de
-----------------------------------------------


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4.1 DFS Share only access by administrator Daniel Müller 12/4/13 2:20 AM
The Error logs when a user try to connect a share linked in dfs:

[2013/12/04 11:12:11.804551,  0]
../lib/ldb-samba/ldb_wrap.c:71(ldb_wrap_debug)
  ldb: module samba_dsdb initialization failed : Operations error
[2013/12/04 11:12:11.804626,  0]
../lib/ldb-samba/ldb_wrap.c:71(ldb_wrap_debug)
  ldb: Unable to load modules for /usr/local/samba/private/sam.ldb: Unable
to open tdb '/usr/local/samba/private/sam.ldb.d/DC=DIFAEM,DC=LOC.ldb'
[2013/12/04 11:12:11.804733,  0]
../source3/modules/vfs_dfs_samba4.c:81(dfs_samba4_connect)
  samdb_connect failed
[2013/12/04 11:12:11.804817,  0]
../source3/smbd/msdfs.c:338(create_conn_struct)
  VFS connect failed!
[2013/12/04 11:12:11.806657,  0]
../lib/ldb-samba/ldb_wrap.c:71(ldb_wrap_debug)
  ldb: module partition initialization failed : Operations error
[2013/12/04 11:12:11.806748,  0]
../lib/ldb-samba/ldb_wrap.c:71(ldb_wrap_debug)
  ldb: module show_deleted initialization failed : Operations error
[2013/12/04 11:12:11.806826,  0]
../lib/ldb-samba/ldb_wrap.c:71(ldb_wrap_debug)
  ldb: module extended_dn_out_ldb initialization failed : Operations error
[2013/12/04 11:12:11.806900,  0]
../lib/ldb-samba/ldb_wrap.c:71(ldb_wrap_debug)
  ldb: module linked_attributes initialization failed : Operations error
[2013/12/04 11:12:11.806982,  0]
../lib/ldb-samba/ldb_wrap.c:71(ldb_wrap_debug)
  ldb: module repl_meta_data initialization failed : Operations error
[2013/12/04 11:12:11.807057,  0]
../lib/ldb-samba/ldb_wrap.c:71(ldb_wrap_debug)
  ldb: module subtree_delete initialization failed : Operations error
[2013/12/04 11:12:11.807133,  0]
../lib/ldb-samba/ldb_wrap.c:71(ldb_wrap_debug)
  ldb: module operational initialization failed : Operations error
[2013/12/04 11:12:11.807205,  0]
../lib/ldb-samba/ldb_wrap.c:71(ldb_wrap_debug)
  ldb: module aclread initialization failed : Operations error
[2013/12/04 11:12:11.807298,  0]
../lib/ldb-samba/ldb_wrap.c:71(ldb_wrap_debug)
  ldb: module acl initialization failed : Operations error
[2013/12/04 11:12:11.807377,  0]
../lib/ldb-samba/ldb_wrap.c:71(ldb_wrap_debug)
  ldb: module descriptor initialization failed : Operations error
[2013/12/04 11:12:11.807448,  0]
../lib/ldb-samba/ldb_wrap.c:71(ldb_wrap_debug)
  ldb: module objectclass initialization failed : Operations error
[2013/12/04 11:12:11.807518,  0]
../lib/ldb-samba/ldb_wrap.c:71(ldb_wrap_debug)
  ldb: module asq initialization failed : Operations error
[2013/12/04 11:12:11.807588,  0]
../lib/ldb-samba/ldb_wrap.c:71(ldb_wrap_debug)
  ldb: module server_sort initialization failed : Operations error
[2013/12/04 11:12:11.807660,  0]
../lib/ldb-samba/ldb_wrap.c:71(ldb_wrap_debug)
  ldb: module paged_results initialization failed : Operations error
[2013/12/04 11:12:11.807730,  0]
../lib/ldb-samba/ldb_wrap.c:71(ldb_wrap_debug)
  ldb: module dirsync initialization failed : Operations error
[2013/12/04 11:12:11.807801,  0]
../lib/ldb-samba/ldb_wrap.c:71(ldb_wrap_debug)
  ldb: module schema_load initialization failed : Operations error
[2013/12/04 11:12:11.807871,  0]
../lib/ldb-samba/ldb_wrap.c:71(ldb_wrap_debug)
  ldb: module rootdse initialization failed : Operations error
[2013/12/04 11:12:11.807941,  0]
../lib/ldb-samba/ldb_wrap.c:71(ldb_wrap_debug)
  ldb: module samba_dsdb initialization failed : Operations error
[2013/12/04 11:12:11.808031,  0]
../lib/ldb-samba/ldb_wrap.c:71(ldb_wrap_debug)
  ldb: Unable to load modules for /usr/local/samba/private/sam.ldb: Unable
to open tdb '/usr/local/samba/private/sam.ldb.d/DC=DIFAEM,DC=LOC.ldb'
[2013/12/04 11:12:11.808198,  0]
../source3/modules/vfs_dfs_samba4.c:81(dfs_samba4_connect)
  samdb_connect failed
[2013/12/04 11:12:11.808335,  0]
../source3/smbd/msdfs.c:338(create_conn_struct)
  VFS connect failed!

-----------------------------------------------
EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen

Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mue...@tropenklinik.de
Internet: www.tropenklinik.de
-----------------------------------------------

-----Ursprüngliche Nachricht-----
Von: samba-...@lists.samba.org [mailto:samba-...@lists.samba.org] Im
Auftrag von Daniel Müller
Gesendet: Mittwoch, 4. Dezember 2013 10:30
An: sa...@lists.samba.org
Betreff: [Samba] Samba 4.1 DFS Share only access by administrator
Re: [Samba] Samba 4.1 DFS Share only access by administrator Garming Sam 12/4/13 1:50 PM

Hi there,

I just tested the issue myself. I didn't have any luck replicating it
unfortunately.

Would it be possible to get a network trace of the isssue? A clear list
of reproducible steps would be good, just making sure that you haven't
done anything additional which could be different to what I've done.

We think it may have to do with code in
rpc_server/srvsvc/srv_srvsvc_nt.c but it would be good to have a trace
to confirm this.

Cheers,

Garming Sam


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Samba 4.1 DFS Share only access by administrator Daniel Müller 12/4/13 11:30 PM
How do I start trace?

Here is the output when I try to connect to the dfs on the samba localhost with smbclient.
First administrator:

[root@linux2 ~]# smbclient //localhost/dfs  -U 'administrator'
Enter administrator's password:
Domain=[DIFAEM] OS=[Unix] Server=[Samba 4.1.1]
smb: \>
smb: \> ls
  .                                   D        0  Mon Dec  2 09:30:01 2013
  ..                                  D        0  Wed Dec  4 13:19:59 2013
  difaem                              D        0  Mon Dec  2 09:29:15 2013
  leitung                             D        0  Mon Dec  2 09:29:38 2013
  programmassistenz                   D        0  Mon Dec  2 09:30:01 2013

                58585 blocks of size 33553920. 51596 blocks available
smb: \>

smb: \> cd difaem
smb: \difaem\> ls
  .                                   D        0  Wed Dec  4 15:16:51 2013
  ..                                  D        0  Wed Dec  4 13:19:59 2013
  5_Teambesprechungen Difaem          D        0  Tue Dec  3 13:42:42 2013
  Gapminder_HIV_presentation_v1.exe      A 21821912  Wed Jul 14 13:18:32 2010
  Jakob                               D        0  Wed Sep 11 13:08:00 2013
  Medien                              D        0  Wed Dec  4 08:07:17 2013
  Sara                                D        0  Wed Dec  4 08:01:26 201

AS YOU SEE NO PROBLEM AT ALL!!

Now a user:

[root@linux2 ~]# smbclient //localhost/dfs  -U 'harter'
Enter harter's password:
Domain=[DIFAEM] OS=[Unix] Server=[Samba 4.1.1]
smb: \>
smb: \> ls
  .                                   D        0  Mon Dec  2 09:30:01 2013
  ..                                  D        0  Wed Dec  4 13:19:59 2013
  difaem                              D        0  Mon Dec  2 09:29:15 2013
  leitung                             D        0  Mon Dec  2 09:29:38 2013
  programmassistenz                   D        0  Mon Dec  2 09:30:01 2013

                58585 blocks of size 33553920. 51596 blocks available
smb: \>
smb: \> cd difaem
cd \difaem\: NT_STATUS_UNSUCCESSFUL
smb: \>

YOU SEE CANNOT CHANGE AND ENTER?????

The same User and the same share without dfs!!!

[root@linux2 ~]# smbclient //localhost/difaem  -U 'harter'
Enter harter's password:
Domain=[DIFAEM] OS=[Unix] Server=[Samba 4.1.1]
smb: \>

smb: \> ls
  .                                   D        0  Wed Dec  4 15:16:51 2013
  ..                                  D        0  Wed Dec  4 13:19:59 2013
  5_Teambesprechungen Difaem          D        0  Tue Dec  3 13:42:42 2013
  Gapminder_HIV_presentation_v1.exe      A 21821912  Wed Jul 14 13:18:32 2010
  Jakob                               D        0  Wed Sep 11 13:08:00 2013
  Medien                              D        0  Wed Dec  4 08:07:17 2013


Absolutly strange!!!

This is in /var/log/messages:
Dec  5 08:10:58 linux2 smbd[5859]:   ldb: Unable to load modules for /usr/local/samba/private/sam.ldb: Unable to open tdb '/usr/local/samba/private/sam.ldb.d/DC=DIFAEM,DC=LOC.ldb'
Dec  5 08:10:58 linux2 smbd[5859]: [2013/12/05 08:10:58.777538,  0] ../source3/modules/vfs_dfs_samba4.c:81(dfs_samba4_connect)
Dec  5 08:10:58 linux2 smbd[5859]:   samdb_connect failed
Dec  5 08:10:58 linux2 smbd[5859]: [2013/12/05 08:10:58.777630,  0] ../source3/smbd/msdfs.c:338(create_conn_struct)
Dec  5 08:10:58 linux2 smbd[5859]:   VFS connect failed!


[root@linux2 sam.ldb.d]# ls -la
insgesamt 37008
drwxr-x--- 2 root named     4096 19. Nov 07:34 .
drwxr-xr-x 7 root root      4096  5. Dez 08:12 ..
-rw------- 1 root root  14319616  2. Dez 09:39 CN=CONFIGURATION,DC=DIFAEM,DC=LOC.ldb
-rw------- 1 root root  10391552 19. Nov 07:34 CN=SCHEMA,CN=CONFIGURATION,DC=DIFAEM,DC=LOC.ldb
-rw------- 1 root root   4251648  5. Dez 07:43 DC=DIFAEM,DC=LOC.ldb
-rw-rw---- 2 root named  4251648  4. Dez 12:23 DC=DOMAINDNSZONES,DC=DIFAEM,DC=LOC.ldb
-rw-rw---- 2 root named  4251648 19. Nov 07:34 DC=FORESTDNSZONES,DC=DIFAEM,DC=LOC.ldb
-rw-rw---- 2 root named   421888  5. Dez 07:43 metadata.tdb

Steps I did undertake to establish the dfs share:

Mkdir /windows/dfs
Ln -s msdfs inside /windows/dfs

Wrote the share in /usr/local/samba/etc/smb.conf. Restarted samba. That’s all
No further steps as I would have done with samba 3

Greetings
Daniel

-----------------------------------------------
EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen

Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mue...@tropenklinik.de
Internet: www.tropenklinik.de
-----------------------------------------------

-----Ursprüngliche Nachricht-----
Von: Garming Sam [mailto:gar...@catalyst.net.nz]
Gesendet: Mittwoch, 4. Dezember 2013 22:39
An: mue...@tropenklinik.de; sa...@lists.samba.org
Cc: 'Andrew Bartlett'
Betreff: Re: [Samba] Samba 4.1 DFS Share only access by administrator

Re: [Samba] Samba 4.1 DFS Share only access by administrator Garming Sam 12/5/13 9:10 PM
> eMail:...@tropenklinik.de

> Internet:www.tropenklinik.de
> -----------------------------------------------
>
> -----Ursprüngliche Nachricht-----
> Von: Garming Sam [mailto:gar...@catalyst.net.nz]
> Gesendet: Mittwoch, 4. Dezember 2013 22:39
> An:mu...@tropenklinik.de;samba@lists.samba.org>> eMail:...@tropenklinik.de

>> Internet:www.tropenklinik.de
>> -----------------------------------------------
>>
>> -----Ursprüngliche Nachricht-----
>> Von:samb...@lists.samba.org  

>> [mailto:samba-...@lists.samba.org] Im Auftrag von Daniel Müller
>> Gesendet: Mittwoch, 4. Dezember 2013 10:30
>> An:s...@lists.samba.org>> eMail:...@tropenklinik.de

>> Internet:www.tropenklinik.de
>> -----------------------------------------------
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:https://lists.samba.org/mailman/options/samba
>>
> Hi there,
>
> I just tested the issue myself. I didn't have any luck replicating it unfortunately.
>
> Would it be possible to get a network trace of the isssue? A clear list of reproducible steps would be good, just making sure that you haven't done anything additional which could be different to what I've done.
>
> We think it may have to do with code in rpc_server/srvsvc/srv_srvsvc_nt.c but it would be good to have a trace to confirm this.
>
>
>
> Cheers,
>
> Garming Sam
>
>
>

So in order to get a network trace, you'll need a program called
Wireshark. If you're unfamiliar with the name, it's just a fairly
standard program that we typically use for capturing network packets.

https://wiki.samba.org/index.php/Capture_Packets

Install it and start it up. To start off you'd have to point it to the
correct network adapter/interface.

Start the trace, reproduce the issue and then stop the trace. Then you
just need to save the file and send it in.


Thanks,

Garming Sam
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Samba 4.1 DFS Share only access by administrator Daniel Müller 12/9/13 3:30 AM
Look at this,
first of all trying to connect to dfs:


[root@linux2 ~]# tcpdump -p -s 0   host 192.168.135.92
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
12:18:28.613089 ARP, Request who-has DD-WRT.local tell stat3leit.local, length 46
12:18:48.083440 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 2747562202:2747562398, ack 3794123653, win 256, length 196SMB-over-TCP packet:(raw data or continuation?)

12:18:48.083466 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [.], ack 196, win 501, length 0
12:18:48.101372 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 1:245, ack 196, win 501, length 244SMB-over-TCP packet:(raw data or continuation?)

12:18:48.109274 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 196:288, ack 245, win 255, length 92SMB-over-TCP packet:(raw data or continuation?)

12:18:48.110025 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 245:373, ack 288, win 501, length 128SMB-over-TCP packet:(raw data or continuation?)

12:18:48.117034 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 288:390, ack 373, win 254, length 102SMB-over-TCP packet:(raw data or continuation?)

12:18:48.122033 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 373:457, ack 390, win 501, length 84SMB-over-TCP packet:(raw data or continuation?)

12:18:48.130011 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 390:548, ack 457, win 254, length 158SMB-over-TCP packet:(raw data or continuation?)

12:18:48.130727 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 457:597, ack 548, win 501, length 140SMB-over-TCP packet:(raw data or continuation?)

12:18:48.137524 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 548:702, ack 597, win 253, length 154SMB-over-TCP packet:(raw data or continuation?)

12:18:48.137731 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 597:674, ack 702, win 501, length 77SMB-over-TCP packet:(raw data or continuation?)

12:18:48.195111 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [.], ack 674, win 253, length 0
12:18:48.256323 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 702:994, ack 674, win 253, length 292SMB-over-TCP packet:(raw data or continuation?)

12:18:48.261866 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 994:1270, ack 674, win 253, length 276SMB-over-TCP packet:(raw data or continuation?)

12:18:48.270269 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 674:918, ack 1270, win 497, length 244SMB-over-TCP packet:(raw data or continuation?)

12:18:48.271690 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 918:995, ack 1270, win 501, length 77SMB-over-TCP packet:(raw data or continuation?)

12:18:48.271773 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 995:1072, ack 1270, win 501, length 77SMB-over-TCP packet:(raw data or continuation?)

12:18:48.280690 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [.], ack 1072, win 251, length 0
12:18:48.280756 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 1270:1644, ack 1072, win 251, length 374SMB-over-TCP packet:(raw data or continuation?)

12:18:48.305101 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 1072:2013, ack 1644, win 501, length 941SMB-over-TCP packet:(raw data or continuation?)

12:18:48.312863 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 1644:1736, ack 2013, win 256, length 92SMB-over-TCP packet:(raw data or continuation?)

12:18:48.313673 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 2013:2141, ack 1736, win 501, length 128SMB-over-TCP packet:(raw data or continuation?)

12:18:48.331385 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 1736:2012, ack 2141, win 256, length 276SMB-over-TCP packet:(raw data or continuation?)

12:18:48.346979 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 2141:2433, ack 2012, win 501, length 292SMB-over-TCP packet:(raw data or continuation?)

12:18:48.354256 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 2012:2104, ack 2433, win 255, length 92SMB-over-TCP packet:(raw data or continuation?)

12:18:48.354824 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 2433:2561, ack 2104, win 501, length 128SMB-over-TCP packet:(raw data or continuation?)

12:18:48.378502 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 2104:2380, ack 2561, win 254, length 276SMB-over-TCP packet:(raw data or continuation?)

12:18:48.391689 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 2561:2853, ack 2380, win 501, length 292SMB-over-TCP packet:(raw data or continuation?)

12:18:48.399324 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 2380:2472, ack 2853, win 253, length 92SMB-over-TCP packet:(raw data or continuation?)

12:18:48.399858 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 2853:2981, ack 2472, win 501, length 128SMB-over-TCP packet:(raw data or continuation?)

12:18:48.460802 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [.], ack 2981, win 252, length 0
12:18:49.770703 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 2472:2626, ack 2981, win 252, length 154SMB-over-TCP packet:(raw data or continuation?)

12:18:49.771731 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 2981:3058, ack 2626, win 501, length 77SMB-over-TCP packet:(raw data or continuation?)

12:18:49.772402 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 2626:2918, ack 2981, win 252, length 292SMB-over-TCP packet:(raw data or continuation?)

12:18:49.773946 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 3058:3135, ack 2918, win 501, length 77SMB-over-TCP packet:(raw data or continuation?)

12:18:49.779905 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [.], ack 3135, win 252, length 0
12:18:49.780579 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 2918:3106, ack 3135, win 252, length 188SMB-over-TCP packet:(raw data or continuation?)

12:18:49.784677 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 3135:3212, ack 3106, win 501, length 77SMB-over-TCP packet:(raw data or continuation?)

12:18:49.791850 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 3106:3398, ack 3212, win 251, length 292SMB-over-TCP packet:(raw data or continuation?)

12:18:49.793156 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 3212:3289, ack 3398, win 501, length 77SMB-over-TCP packet:(raw data or continuation?)

12:18:49.799756 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 3398:3586, ack 3289, win 251, length 188SMB-over-TCP packet:(raw data or continuation?)

12:18:49.803755 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 3289:3366, ack 3586, win 501, length 77SMB-over-TCP packet:(raw data or continuation?)

12:18:49.866777 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [.], ack 3366, win 251, length 0
12:18:49.962454 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 3586:3798, ack 3366, win 251, length 212SMB-over-TCP packet:(raw data or continuation?)

12:18:49.963934 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 3366:3443, ack 3798, win 501, length 77SMB-over-TCP packet:(raw data or continuation?)

12:18:49.970445 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 3798:4066, ack 3443, win 251, length 268SMB-over-TCP packet:(raw data or continuation?)

12:18:49.970493 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 4066:4230, ack 3443, win 251, length 164SMB-over-TCP packet:(raw data or continuation?)

12:18:49.970977 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 3443:3520, ack 4230, win 501, length 77SMB-over-TCP packet:(raw data or continuation?)

12:18:49.974278 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 3520:3597, ack 4230, win 501, length 77SMB-over-TCP packet:(raw data or continuation?)

12:18:49.979765 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 4230:4394, ack 3520, win 256, length 164SMB-over-TCP packet:(raw data or continuation?)

12:18:49.983060 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 3597:3674, ack 4394, win 501, length 77SMB-over-TCP packet:(raw data or continuation?)

12:18:49.988070 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [.], ack 3674, win 256, length 0
12:18:49.989378 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 4394:4630, ack 3674, win 256, length 236SMB-over-TCP packet:(raw data or continuation?)

12:18:49.995998 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 3674:3954, ack 4630, win 501, length 280SMB-over-TCP packet:(raw data or continuation?)

12:18:50.001275 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 4630:4898, ack 3954, win 254, length 268SMB-over-TCP packet:(raw data or continuation?)

12:18:50.001813 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 3954:4031, ack 4898, win 501, length 77SMB-over-TCP packet:(raw data or continuation?)

12:18:50.008017 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 4898:5062, ack 4031, win 254, length 164SMB-over-TCP packet:(raw data or continuation?)

12:18:50.011385 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 4031:4108, ack 5062, win 501, length 77SMB-over-TCP packet:(raw data or continuation?)

12:18:50.069525 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [.], ack 4108, win 254, length 0
12:19:04.259329 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 5062:5134, ack 4108, win 254, length 72SMB-over-TCP packet:(raw data or continuation?)

12:19:04.263698 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 4108:4180, ack 5134, win 501, length 72SMB-over-TCP packet:(raw data or continuation?)

12:19:04.319014 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [.], ack 4180, win 254, length 0
12:19:34.273592 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [.], seq 5133:5134, ack 4180, win 254, length 1[|SMB]
12:19:34.273601 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [.], ack 5134, win 501, options [nop,nop,sack 1 {5133:5134}], length 0
12:20:04.290987 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [.], seq 5133:5134, ack 4180, win 254, length 1[|SMB]
12:20:04.290997 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [.], ack 5134, win 501, options [nop,nop,sack 1 {5133:5134}], length 0
12:20:34.307861 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [.], seq 5133:5134, ack 4180, win 254, length 1[|SMB]
12:20:34.307874 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [.], ack 5134, win 501, options [nop,nop,sack 1 {5133:5134}], length 0
12:20:51.741746 ARP, Request who-has DD-WRT.local tell stat3leit.local, length 46


NOW CONNECTING directly to share without dfs:


[root@linux2 ~]# tcpdump -p -s 0   host 192.168.135.92
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
12:22:06.010194 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 2747571145:2747571217, ack 3794131242, win 252, length 72SMB-over-TCP packet:(raw data or continuation?)

12:22:06.012897 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 1:73, ack 72, win 501, length 72SMB-over-TCP packet:(raw data or continuation?)

12:22:06.086644 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [.], ack 73, win 252, length 0
12:22:12.069233 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 72:174, ack 73, win 252, length 102SMB-over-TCP packet:(raw data or continuation?)

12:22:12.075566 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 73:157, ack 174, win 501, length 84SMB-over-TCP packet:(raw data or continuation?)

12:22:12.086752 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 174:332, ack 157, win 252, length 158SMB-over-TCP packet:(raw data or continuation?)

12:22:12.087693 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 157:297, ack 332, win 501, length 140SMB-over-TCP packet:(raw data or continuation?)

12:22:12.096907 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 332:468, ack 297, win 251, length 136SMB-over-TCP packet:(raw data or continuation?)

12:22:12.097710 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 297:453, ack 468, win 501, length 156SMB-over-TCP packet:(raw data or continuation?)

12:22:12.105253 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 468:576, ack 453, win 256, length 108SMB-over-TCP packet:(raw data or continuation?)

12:22:12.105500 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 453:553, ack 576, win 501, length 100SMB-over-TCP packet:(raw data or continuation?)

12:22:12.112609 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 576:852, ack 553, win 256, length 276SMB-over-TCP packet:(raw data or continuation?)

12:22:12.113131 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 553:637, ack 852, win 501, length 84SMB-over-TCP packet:(raw data or continuation?)

12:22:12.120419 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 852:969, ack 637, win 255, length 117SMB-over-TCP packet:(raw data or continuation?)

12:22:12.120735 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 637:789, ack 969, win 501, length 152SMB-over-TCP packet:(raw data or continuation?)

12:22:12.127626 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 969:1173, ack 789, win 255, length 204SMB-over-TCP packet:(raw data or continuation?)

12:22:12.129308 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 789:873, ack 1173, win 501, length 84SMB-over-TCP packet:(raw data or continuation?)

12:22:12.137217 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 1173:1290, ack 873, win 255, length 117SMB-over-TCP packet:(raw data or continuation?)

12:22:12.137566 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 873:1573, ack 1290, win 501, length 700SMB-over-TCP packet:(raw data or continuation?)

12:22:12.144612 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 1290:1382, ack 1573, win 252, length 92SMB-over-TCP packet:(raw data or continuation?)

12:22:12.145005 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 1573:1701, ack 1382, win 501, length 128SMB-over-TCP packet:(raw data or continuation?)

12:22:12.178005 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 1382:1578, ack 1701, win 251, length 196SMB-over-TCP packet:(raw data or continuation?)

12:22:12.196461 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 1701:1945, ack 1578, win 501, length 244SMB-over-TCP packet:(raw data or continuation?)

12:22:12.204071 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 1578:1670, ack 1945, win 256, length 92SMB-over-TCP packet:(raw data or continuation?)

12:22:12.204629 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 1945:2073, ack 1670, win 501, length 128SMB-over-TCP packet:(raw data or continuation?)

12:22:12.211408 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 1670:1824, ack 2073, win 256, length 154SMB-over-TCP packet:(raw data or continuation?)

12:22:12.212125 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 2073:2150, ack 1824, win 501, length 77SMB-over-TCP packet:(raw data or continuation?)

12:22:12.278196 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [.], ack 2150, win 255, length 0
12:22:15.773569 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 1824:1930, ack 2150, win 255, length 106SMB-over-TCP packet:(raw data or continuation?)

12:22:15.775867 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 2150:2234, ack 1930, win 501, length 84SMB-over-TCP packet:(raw data or continuation?)

12:22:15.782308 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 1930:2088, ack 2234, win 255, length 158SMB-over-TCP packet:(raw data or continuation?)

12:22:15.783341 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 2234:2374, ack 2088, win 501, length 140SMB-over-TCP packet:(raw data or continuation?)

12:22:15.790384 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 2088:2292, ack 2374, win 254, length 204SMB-over-TCP packet:(raw data or continuation?)

12:22:15.799965 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 2374:2618, ack 2292, win 501, length 244SMB-over-TCP packet:(raw data or continuation?)

12:22:15.807067 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 2292:2384, ack 2618, win 254, length 92SMB-over-TCP packet:(raw data or continuation?)

12:22:15.807635 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 2618:2746, ack 2384, win 501, length 128SMB-over-TCP packet:(raw data or continuation?)

12:22:15.815915 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 2384:2520, ack 2746, win 253, length 136SMB-over-TCP packet:(raw data or continuation?)

12:22:15.816906 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 2746:2902, ack 2520, win 501, length 156SMB-over-TCP packet:(raw data or continuation?)

12:22:15.823887 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 2520:2628, ack 2902, win 252, length 108SMB-over-TCP packet:(raw data or continuation?)

12:22:15.824141 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 2902:3002, ack 2628, win 501, length 100SMB-over-TCP packet:(raw data or continuation?)

12:22:15.831254 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 2628:2904, ack 3002, win 252, length 276SMB-over-TCP packet:(raw data or continuation?)

12:22:15.831655 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 3002:3086, ack 2904, win 501, length 84SMB-over-TCP packet:(raw data or continuation?)

12:22:15.838592 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 2904:3021, ack 3086, win 252, length 117SMB-over-TCP packet:(raw data or continuation?)

12:22:15.838898 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 3086:3238, ack 3021, win 501, length 152SMB-over-TCP packet:(raw data or continuation?)

12:22:15.846320 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 3021:3233, ack 3238, win 251, length 212SMB-over-TCP packet:(raw data or continuation?)

12:22:15.847398 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 3238:3446, ack 3233, win 501, length 208SMB-over-TCP packet:(raw data or continuation?)

12:22:15.855150 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 3233:3325, ack 3446, win 256, length 92SMB-over-TCP packet:(raw data or continuation?)

12:22:15.855485 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 3446:3574, ack 3325, win 501, length 128SMB-over-TCP packet:(raw data or continuation?)

12:22:15.863110 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 3325:3479, ack 3574, win 256, length 154SMB-over-TCP packet:(raw data or continuation?)

12:22:15.863307 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 3574:3651, ack 3479, win 501, length 77SMB-over-TCP packet:(raw data or continuation?)

12:22:15.931226 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [.], ack 3651, win 255, length 0
12:22:15.948327 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 3479:3779, ack 3651, win 255, length 300SMB-over-TCP packet:(raw data or continuation?)

12:22:15.953507 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 3779:4063, ack 3651, win 255, length 284SMB-over-TCP packet:(raw data or continuation?)

12:22:15.954833 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 3651:3895, ack 4063, win 497, length 244SMB-over-TCP packet:(raw data or continuation?)

12:22:15.955950 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 3895:3972, ack 4063, win 501, length 77SMB-over-TCP packet:(raw data or continuation?)

12:22:15.955976 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 3972:4049, ack 4063, win 501, length 77SMB-over-TCP packet:(raw data or continuation?)

12:22:15.963632 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [.], ack 4049, win 254, length 0
12:22:15.963710 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 4063:4445, ack 4049, win 254, length 382SMB-over-TCP packet:(raw data or continuation?)

12:22:15.992221 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [.], seq 4049:15729, ack 4445, win 501, length 11680SMB-over-TCP packet:(raw data or continuation?)

12:22:15.992231 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 15729:16398, ack 4445, win 501, length 669SMB-over-TCP packet:(raw data or continuation?)

12:22:16.000553 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [.], ack 6969, win 256, length 0
12:22:16.000641 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [.], ack 9889, win 256, length 0
12:22:16.001285 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [.], ack 12809, win 256, length 0
12:22:16.001334 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [.], ack 15729, win 256, length 0
12:22:16.001383 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 4445:4537, ack 16398, win 254, length 92SMB-over-TCP packet:(raw data or continuation?)

12:22:16.002042 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 16398:16526, ack 4537, win 501, length 128SMB-over-TCP packet:(raw data or continuation?)

12:22:16.020934 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 4537:4821, ack 16526, win 253, length 284SMB-over-TCP packet:(raw data or continuation?)

12:22:16.026879 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 16526:16818, ack 4821, win 501, length 292SMB-over-TCP packet:(raw data or continuation?)

12:22:16.027306 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 4821:4913, ack 16818, win 252, length 92SMB-over-TCP packet:(raw data or continuation?)

12:22:16.027838 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 16818:16946, ack 4913, win 501, length 128SMB-over-TCP packet:(raw data or continuation?)

12:22:16.064500 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 4913:5197, ack 16946, win 251, length 284SMB-over-TCP packet:(raw data or continuation?)

12:22:16.070970 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 16946:17238, ack 5197, win 501, length 292SMB-over-TCP packet:(raw data or continuation?)

12:22:16.073089 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 5197:5289, ack 17238, win 256, length 92SMB-over-TCP packet:(raw data or continuation?)

12:22:16.073717 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 17238:17366, ack 5289, win 501, length 128SMB-over-TCP packet:(raw data or continuation?)

12:22:16.119317 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [.], ack 17366, win 256, length 0
12:22:28.372813 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [P.], seq 5289:5361, ack 17366, win 256, length 72SMB-over-TCP packet:(raw data or continuation?)

12:22:28.374982 IP linux2.difaem.loc.microsoft-ds > stat3leit.local.60067: Flags [P.], seq 17366:17438, ack 5361, win 501, length 72SMB-over-TCP packet:(raw data or continuation?)

12:22:28.451249 IP stat3leit.local.60067 > linux2.difaem.loc.microsoft-ds: Flags [.], ack 17438, win 255, length 0


Cannot see difference!?

-----------------------------------------------
EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen

Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mue...@tropenklinik.de
Internet: www.tropenklinik.de
-----------------------------------------------

-----Ursprüngliche Nachricht-----
Von: Garming Sam [mailto:gar...@catalyst.net.nz]
Gesendet: Freitag, 6. Dezember 2013 06:00
An: mue...@tropenklinik.de; sa...@lists.samba.org
Cc: 'Andrew Bartlett'
Betreff: Re: AW: [Samba] Samba 4.1 DFS Share only access by administrator
Re: [Samba] Samba 4.1 DFS Share only access by administrator Garming Sam 12/9/13 2:00 PM
On 10/12/13 00:25, Daniel Müller wrote:
> Look at this,
> first of all trying to connect to dfs:
>
>
Hi there,

I'm sorry but we actually need the packet capture file mentioned on the
page. Without it, there's very little useful information that we can
really gather.

https://wiki.samba.org/index.php/Capture_Packets

If you don't want it seen on the list, you can just send it privately.


Cheers,

Garming Sam
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] [PATCH] Re: Samba 4.1 DFS Share only access by administrator Garming Sam 12/18/13 3:00 PM
Hi there,

I've attached a patch which should hopefully fix the problem you've
identified. The patch forces a call, create_conn_struct to always assume
root privileges and so this should fix the problem of only the
administrator being able to access the share.



Cheers,

Garming Sam
Re: [Samba] [PATCH] Re: Samba 4.1 DFS Share only access by administrator Garming Sam 12/18/13 3:50 PM
Apologies, fixed an error in the patch and actually properly tested it
this time.

Hopefully this fixes the problem this time.

Cheers,

Garming Sam
Re: [Samba] [PATCH] Re: Samba 4.1 DFS Share only access by administrator Daniel Müller 12/18/13 10:40 PM
How do I run this patch? Is there a tool within samba 4?

Greetings
Daniel

-----------------------------------------------
EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen

Tel.: 07071/206-463, Fax: 07071/206-499


eMail: mue...@tropenklinik.de
Internet: www.tropenklinik.de
-----------------------------------------------
-----Ursprüngliche Nachricht-----
Von: Garming Sam [mailto:gar...@catalyst.net.nz]
Gesendet: Donnerstag, 19. Dezember 2013 00:44
An: mue...@tropenklinik.de; sa...@lists.samba.org; samba-t...@lists.samba.org
Cc: 'Andrew Bartlett'
Betreff: Re: [PATCH] Re: [Samba] Samba 4.1 DFS Share only access by administrator

Cheers,

Garming Sam

--

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Re: [Samba] [PATCH] Re: Samba 4.1 DFS Share only access by administrator Garming Sam 12/22/13 9:00 PM

The patch will only work on the source code. There's no way to apply it
directly unfortunately.

You'll need a copy of the samba source code and then you can apply the
patch file. The following link may be helpful:

http://www.samba.org/samba/patches/

 From there you'd need to build samba and install it. I apologise if I
can't be of much more help than this.

Thanks,

Garming Sam

Re: [Samba] [PATCH] Re: Samba 4.1 DFS Share only access by administrator Daniel Müller 12/23/13 2:40 AM
In my case there are  users working on the shares.
So can I apply this patch to the source and make install- and only the binaries are written?
What about my ldb files ? Are they overwritten?

Greetings
Daniel

-----------------------------------------------
EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen

Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mue...@tropenklinik.de
Internet: www.tropenklinik.de
-----------------------------------------------
-----Ursprüngliche Nachricht-----
Von: Garming Sam [mailto:gar...@catalyst.net.nz]
Gesendet: Montag, 23. Dezember 2013 05:50
An: mue...@tropenklinik.de; sa...@lists.samba.org
Cc: 'Andrew Bartlett'
Betreff: Re: AW: [PATCH] Re: [Samba] Samba 4.1 DFS Share only access by administrator
Re: [Samba] [PATCH] Re: Samba 4.1 DFS Share only access by administrator Garming Sam 12/23/13 1:00 PM
Installing it should just install the binaries, but it would be wise to
perform a backup.

https://wiki.samba.org/index.php/Backup_and_Recovery

Probably one of the main potential issues though is that if you weren't
building from source originally, is that some of the directory locations
may be in conflict. So just be wary.


Cheers,

Garming Sam

Re: [Samba] [PATCH] Re: Samba 4.1 DFS Share only access by administrator Daniel Müller 2/7/14 3:40 AM
Hello Sam,

I did your patch against samba 4.1.4 and dfs is working, success!!
Just add  this function to the next samba 4 versions!?

Greetings
Daniel


EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen
Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mue...@tropenklinik.de
Internet: www.tropenklinik.de
"Der Mensch ist die Medizin des Menschen"


-----Ursprüngliche Nachricht-----
Von: Garming Sam [mailto:gar...@catalyst.net.nz]
Gesendet: Montag, 23. Dezember 2013 21:53

An: mue...@tropenklinik.de; sa...@lists.samba.org
Cc: 'Andrew Bartlett'
Betreff: Re: AW: AW: [PATCH] Re: [Samba] Samba 4.1 DFS Share only access by administrator
Re: [Samba] [PATCH] Re: Samba 4.1 DFS Share only access by administrator Andrew Bartlett 2/7/14 10:30 AM
On Fri, 2014-02-07 at 12:29 +0100, Daniel Müller wrote:
> Hello Sam,
>
> I did your patch against samba 4.1.4 and dfs is working, success!!
> Just add  this function to the next samba 4 versions!?

I think so.  I can't find it right now, but a bug was filed and the patched backported by the folks at SerNet

Andrew Bartlett

--
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba