become root depth is non zero (ldap)

Luke Kenneth Casson Leighton lkcl at switchboard.net
Sun Jul 11 19:22:30 GMT 1999


On Sun, 11 Jul 1999, Bertl wrote:

> Luke Kenneth Casson Leighton wrote:
> > 
> > doug,
> > 
> > the code in there needs to be revisited. it's not a high priority, for me,
> > as i have too many other things to do (sorry, that's a fact not an
> > excuse).
> 
> well, I looked at the code and I think the outer
> become_-/unbecome_root pair is useless.
> patch attached...
> 
> WARNING: I might be totally wrong!!

lookups can be done anonymously.  i need a rewrite of this code, to NOT
use direct access in srv_lsa.c, but to open ANOTHER connection to
\PIPE\samr which will result in either loopback or connection to pdc :-)
:-)
 
> > if someone wants to update the smbpassfile code, and then write a script /
> > utility to convert unix groups to nt groups in smbgroupfile, smbaliasfile
> > and smbbuiltinfile, then please let the lists know: this is the best way
> > to handle this problem.
> 
> so you suppose a total rewrite of the code? my knowledge

actually the code already exists (smbpassfile.c etc) but it doesn't
compile because i redesigned the password database API around smbgroupdb.c
etc, but didn't keep smbpassfile.c up-to-date.

> about nt is nearly void, so probably i'm not the right one to go after
> this... guess I'll have to read plenty of documents... :}

the nt security model is FUN!  and very comprehensive, and very good /
flexible.



More information about the samba-ntdom mailing list