Displaying 20 results from an estimated 2000 matches similar to: "ldb-tools and ldaps after badlock"
2016 Jun 11
0
ldb-tools and ldaps after badlock
On Fri, 2016-06-10 at 19:37 +0200, Stefan Kania wrote:
> Hello everybody,
>
> since the patch for all the badlock bugs it is not possible to access
> a Samba 4 ADDC-database with ldb-tools. Everytime I try it, I get the
> following error:
...
> When I add:
> ----------------------
> tls verify peer = no_check
> ----------------------
> to smb.conf I will get the
2003 Feb 08
1
2.2.8pre1 smbclient log in problem
Hi all samba coders. Glad to see that you work to improve samba.
Here is a problem I would be very greatful if you could solve.
Certain international characters does not work as usernames when trying to log
in to an NT4 file server. My problem is that in Swedish versions of NT the
"Administrator" username is translated and reads "Administrat?r". It seams
that the
2004 Jul 27
2
Getting Samba 3 to communicate with Win2k3 ADS
I'm having a *terrible* time trying to get Samba 3 to communicate with my
Windows 2003 Active Directory Server (the primary and only domain on my
network). Basically this is what I'm trying to do: create a Linux File
Server to replace my old WinNT 4 File Server. I would like it to show up
under all my XP clients on network neighborhood just like the old server,
with each account on my
2004 Mar 19
2
Win2k/XP doesn't execute logon.bat while logging in to Samba PDC
Hi all!
I'm going mad about getting my shares mapped to my win2k and winXP machines from my Samba PDC Version 3.0.2 on Debian.
Win-machines doesn't seem to execute logon.bat at all, except when i log on as root. I've set the ownership and chmod 0775 all logon.bat files to eatch user on my network.
Am i just blind or are there something obvious/very wrong with my config?
my smb.conf
2004 Jul 07
8
VoIP hackers gut Caller ID
The Register is carrying a article written by Kevin Poulsen of
Securtiy Focus, calling asterisk "..the most powerful tool for
manipulating and accessing CPN data.."
> http://www.theregister.co.uk/2004/07/07/hackers_gut_voip/
I hope NuFone doesn't drop asterisk-set-able callerid's after this
article; i've been wanting that feature from voicepluse for a long
time.
2016 Jun 02
2
libtdb and BADLOCK (CVE-2016-2118)
Does mitigation of the so-called BADLOCK CVE (CVE-2016-2118) for Samba 3.x
imply an upgrade to a non-vulnerable version of the tdb library?
If so, can someone point me to any documentation on the tdb vulnerability?
Thanks,
Sam
2016 Jun 02
1
libtdb and BADLOCK (CVE-2016-2118)
Do you know why Red Hat updated libtdb as part of their remediation for
Badlock on Samba4?
https://rhn.redhat.com/errata/RHSA-2016-0612.html
On Thu, Jun 2, 2016 at 2:37 PM, Jeremy Allison <jra at samba.org> wrote:
> On Thu, Jun 02, 2016 at 11:29:25AM -0500, Sam Gardner wrote:
> > Does mitigation of the so-called BADLOCK CVE (CVE-2016-2118) for Samba
> 3.x
> > imply an
2016 Jun 12
0
Hardened UNC Paths, Badlock, encryption defaults?
Hi,
Microsoft some time ago introduced Hardened UNC Paths, and in April
published the Badlock security fixes, which seem to be related to that.
Samba at the same time published versions 4.4.1 (and 4.4.2).
Even after reading the release notes of Samba 4.4.1 several times, I
still do not know whether I must manually adjust smb.conf to be
protected from these vulnerabilities.
What I do know is
2015 May 20
5
Re-install libwrap in OpenSSH
Hello all,
after a useless discussion on the opensuse ML I had to find out that they
buried the removal news of libwrap last year in some half-sentence. So this is
unfortunately pretty late for the topic. Nevertheless it is pretty obvious
that you did not get any feedback from people using ssh over decades in
server-administration. Let me make a clear point: libwrap removal was a pretty
bad idea.
2016 Apr 16
1
Badlock bad luck
>* Am 13.04.2016 um 07:51 schrieb Mogens Kjaer <mk at lemo.dk <https://lists.centos.org/mailman/listinfo/centos>>:
*> >* Hello,
*> >* I run a CentOS 6 machine with samba, serving approx. 150 Windows
users with samba running as an NT-like PDC.
*> >* After today's samba update (samba-3.6.23-30.el6_7.x86_64 etc.),
nobody can log in.
*> >* They all get the
2016 Apr 14
0
BADLOCK - samba 3.6.23 and Trust relationship
I will follow this, I have the same issue, I had to downgrade...centos 5.11
latest.
On Thu, Apr 14, 2016 at 8:52 AM, Johan GLENAC <johan.glenac at ac-guyane.fr>
wrote:
> Hi,
>
> Due to "Red Hat Vulnerability Response: BADLOCK", an automatic samba
> package RHEL5 update was apply on our system.
> This broke "The trust relationship between this workstation and
2016 Jun 02
0
libtdb and BADLOCK (CVE-2016-2118)
On Thu, Jun 02, 2016 at 11:29:25AM -0500, Sam Gardner wrote:
> Does mitigation of the so-called BADLOCK CVE (CVE-2016-2118) for Samba 3.x
> imply an upgrade to a non-vulnerable version of the tdb library?
>
> If so, can someone point me to any documentation on the tdb vulnerability?
There were no tdb vulnerabilities in the badlock code release.
2016 Apr 26
2
Badlock CVE-2016-2118 in samba release 3.0.35
Hi,
Samba has released patch for CVE-2016-2118 from 3.6.x release onwards. We
use samba 3.0.35 in our product. Is there any patch available for
3.0.35?
--
Regards
Madhu
2016 Apr 14
2
BADLOCK - samba 3.6.23 and Trust relationship
Hi,
Due to "Red Hat Vulnerability Response: BADLOCK", an automatic samba
package RHEL5 update was apply on our system.
This broke "The trust relationship between this workstation and the
primary domain failed" (error message logon client) in my environnement
production.
So, I use now 3.6.23-12.el5_11, I see they are new directive for
smb.conf and some others more restrict
2016 Apr 29
1
smbclient fails to authenticate with non extended-security SMB1 server after applying badlock patches
Hi,
We support an older version SMB1 server (propietary implementation) which does not support extended security . Mapping a share from that server, using smbclient, was working before applying badlock patches (to the smbclient) , with default settings in smb.conf. However, after applying badlock patches, smbclient fails to map with default settings. When I set the option : "client ntlmv2
2016 Apr 14
1
BADLOCK - samba 3.6.23 and Trust relationship
Hi,
Finally, I have launched "yum downgrade samba*" too for best effort.
I am waiting for news until my samba 4 migration.
AC-GUYANE <mailto:Johan.Glenac at ac-guyane.fr>
*Johan GLENAC*
*DSI*
Administrateur Système, Réseaux et Télécom
*TROUBIRAN :* Route de Baduel - BP 6011 97306 Cayenne
*Tél. :* +594 (0) 594 27 22 08
*Fax :* +594 (0) 594 27 22 20
Rectorat - Académie de la
2016 Apr 13
3
Badlock bad luck
Hello,
I run a CentOS 6 machine with samba, serving approx. 150 Windows users
with samba running as an NT-like PDC.
After today's samba update (samba-3.6.23-30.el6_7.x86_64 etc.), nobody
can log in.
They all get the "Trust relationship failed" error message.
If I downgrade:
yum downgrade samba-common samba-winbind samba-winbind-clients
samba-client samba samba-doc
2016 Apr 13
0
Badlock bad luck
Did you update your Windows clients?
On Wed, Apr 13, 2016 at 1:51 AM, Mogens Kjaer <mk at lemo.dk> wrote:
> Hello,
>
> I run a CentOS 6 machine with samba, serving approx. 150 Windows users
> with samba running as an NT-like PDC.
>
> After today's samba update (samba-3.6.23-30.el6_7.x86_64 etc.), nobody can
> log in.
>
> They all get the "Trust
2016 Apr 13
0
Badlock bad luck
FYI: https://lists.samba.org/archive/samba/2016-April/199013.html
On Wed, Apr 13, 2016 at 12:53 PM, Bill Baird <bill.baird at phoenixmi.com>
wrote:
> I'm seeing the exact same behavior in my environment (NT4 PDC, not AD). I
> had to downgrade samba get systems working again.
>
> The full error message is:
>
> "The trust relationship between this workstation and
2016 Apr 19
2
Badlock bad luck
Just to follow up, the fix for us was to add "client ipc signing = auto" to
our smb.conf configuration file.
On Wed, Apr 13, 2016 at 1:17 PM, Bill Baird <bill.baird at phoenixmi.com>
wrote:
> FYI: https://lists.samba.org/archive/samba/2016-April/199013.html
>
> On Wed, Apr 13, 2016 at 12:53 PM, Bill Baird <bill.baird at phoenixmi.com>
> wrote:
>
>>