Patches to head (become_root and some RPC stuff)
Doug VanLeuven
ldx at ibm.net
Fri Aug 27 23:33:58 GMT 1999
Michael Stockman wrote:
> The two problems that I'm aware of, though currently cannot do
> anything about due to lack of information, are:
> * A guest something account shows up on NT
Sorry for the delay. Nobody home share (Guest account) shows up in HEAD
branch but not 2.0.5a with same basic config. I just never noticed it before
checking your patches.
>
> * NETLOGON stopped working for NT (this might have been due to an old
> patch, don't know where it ended up)
Tell me the symptom & I'll try to reproduce it. My code is a fresh CVS with only
your patches.
>
> > > One question in regards to the password api: If samba (acting on
> > > behalf of the user) can access only some parts of the answer to a
> > > query (say to a LDAP db), should the api fail completely or is it
> ok
> > > to answer as much as it can (leaving other fields blank)?
> >
> > It should anwser as much as it can, the other fields being
> initalised with
> > default values.
>
Please check my response to Jean-Francois same thread today. Increasingly
I think non "Domain Admins" users should be denied modifying any values,
perhaps even their own except for things explicitly allowed.
To illustrate: could they change their description in unix?
Standard NT fails the requests from common users with "The user does not
have access to the requested information" and for my 2 cents it is
a basic assumption in NT's security model.
I apologize if I'm ranting. I wouldn't write like this if it didn't seem truly important.
> >
> > > The last question, where is the RPC_AUTH_VERIFIER type defined?
> I'm
> > > getting compile errors from time to time.
> >
> > don't now. grep RPC_AUTH_VERIFIER includes/*.h ?
>
> Have tried, no luck, and thus compiler errors (undefined type) :-(
Can't find it on Redhat 5.2, glibc-2.0.7-29
-- Doug VanLeuven - 707-545-6933 (voice) 707-545-6945 (fax)
Chief Engineer, USMM roamdad at ibm.net
Programmer/Analyst, SCWA doug at scwa.ca.gov
More information about the samba-technical
mailing list