Question about LsaGetConnectedCredentials
Manoj Naik
manoj at almaden.ibm.com
Thu Sep 27 10:44:44 GMT 2001
Two things have to change. We have to identify whether the user is
connected to the domain or not. In the former case, domname in
_lsa_unk_get_connuser should be global_myworkgroup; in the latter, it
should be global_myname. As far as I can tell, this can be only done
when invoking register_vuid. Also, NT returns global_myname on
_lsa_query_info for ROLE_STANDALONE. I am not quite sure why Samba is
returning global_myworkgroup.
The extraneous characters at the end of username in the error message
are showing up because ulen/dlen are set incorrectly in
_lsa_unk_get_connuser. It should be:
ulen = strlen(username) + 1;
dlen = strlen(domname) + 1;
Hope that helps,
Manoj.
jtrostel at snapserver.com wrote:
>
> Using the patch you made, which is now in the official CVS, I can take
> ownership correctly as a domain member. I am still having problems taking
> ownership if I am NOT a domain member though.
>
> Somehow, I need to convince SAMBA to look for valid users and groups in the
> local passwd/smbpasswd files if the lookup fails for DOMAIN users. Do you know
> where in the samba code I need to fiddle to make this a success? Basically I
> need to know where/why I get
>
> Unable to take ownership because the account "JTSNT\\jt|||..." could not be
> accessed on the remote machine because of the following error: The account could
> not be found
>
> The machines are in a PDC controlled domain "CEO", although the calling NT box
> is now in any domain (he is running in a workgroup "JTSNT"). I have logged
> into the NT box as user "jt-ntonly" and then specify "jt" as the user when
> accessing the SAMBA box. The user "jt" is available ONLY as a locally-defined
> user on the SAMBA box. All other SAMBA functions seem to function correctly
> and act like the local-SAMBA user "jt".
>
> --
> John M. Trostel
> Senior Software Engineer
> Quantum / SnapAppliances
> jtrostel at snapserver.com
More information about the samba-technical
mailing list