source/rpc_server/srv_samr_nt.c: _samr_enum_dom_alises()
Buck Huppmann
buckh at pobox.com
Wed Jul 25 16:29:26 GMT 2001
just wondering if the call
init_samr_r_enum_dom_aliases(r_u, q_u->start_idx, num_entries);
should look more like this
init_samr_r_enum_dom_aliases(r_u, q_u->start_idx + num_entries, num_entries);
as the corresponding call in _samr_enum_dom_groups() does? if one then
(perhaps inadvisedly) inserts
if (num_entries == MAX_SAM_ENTRIES)
r_u->status = STATUS_MORE_ENTRIES; /* not necessarily */
after the call to get_group_alias_entries() one can get a full enumera-
tion of one's ``Local UNIX groups'' when one invokes the Add-ACL Explorer
interface. unfortunately, as JRA's comments in _samr_enum_dom_users()
indicates, this isn't quite as NT would like it and use of the IPC$
handle to then Show Users fails, but i'm keen to get at least this far
because we basically can get no use out of ACLs without at least this
much group-enumeration, point-and-click functionality for our users,
since trying to add domain SIDs from our NT PDC-controlled domain in
which our samba servers are joined up, even when their names correspond
to ``Local UNIX'' groups or users, doesn't work
in that regard (completely crossing over into samba@ list territory), if
we run winbindd without otherwise integrating it into our nsswitch-ed
infrastructure, would we get such functionality? or would winbindd map
the requested SIDs into uids and gids not necessarily corresponding to
the Local UNIX groups and users for the identically-named accounts?
thanks for any help forthcoming
More information about the samba-technical
mailing list