smbpasswd PROBLEM IDENTIFIED
Jeremy Allison
jra at samba.org
Wed Dec 5 11:31:03 GMT 2001
On Wed, Dec 05, 2001 at 10:47:28AM -0600, Esh, Andrew wrote:
> The problem I am having with the latest SAMBA_2_2 smbpasswd has been traced
> to a change in the function "modify_trust_password", in
> rpc_client/cli_trust.c. The new version of the routine starts out by trying
> to read the domain SID from the secrets database, and fails if it doesn't
> find it. (If the database is new, it won't have that key entered yet, so
> smbpasswd can't deal with a new database.)
>
> In the release-2-2-2 code, in the same routine, later on toward the end,
> there is a call to "cli_lsa_get_domain_sid", which connects via the network
> to the PDC and gets the domain SID. That function, in
> "rpc_client/cli_lsarpc.c", stores the SID in the secrets database.
>
> The file "rpc_client/cli_lsarpc.c" doesn't even exist in the new code, and
> the "cli_lsa_get_domain_sid" function isn't found anywhere else.
>
> I don't see any way for the new code to ever query the PDC and get the
> domain SID. Without that, Samba can't join the domain, and won't run in
> domain mode.
>
> Obviously this is an absurd conclusion. What is the real problem?
Nope, it got removed by mistake and the logic path wasn't
restored correctly.
I've added a sparate fetch_domain_sid() call that smbpasswd
now uses in the join_domain case to get, then store the
PDC DOMAIN sid.
Seems to work here, re-CVS update and check it out.
Sorry for the problem, thanks for reporting the bug.
Jeremy.
More information about the samba-technical
mailing list