using more dce/rpc client-side functions in samba

Luke Kenneth Casson Leighton lkcl at samba-tng.org
Wed Jan 9 17:13:18 GMT 2002


> >  The
> > multi-deamon design has forced the authors to consider much better
> > designed solutions at times - in particular the lack of direct access to
> > the SAM cleans up a *lot* of ugly code.
> 
> Yeah. And this day, I've started to understand, there are
> even more places, that can be cleaned up and made a lot
> nicer. (Someone I'm currently also mailing with got me in
> that direction.)
 
 yes: two such locations spring to mind, that i started
 on in samba.

 one is in reply_sesssetup() - you *always* call
 domain_client_validate().

 _always_.

 this means that you _must_ have:

 - a ncacn_np implementation or equivalent

 - lsarpcd or equivalent

 - netlogond or equivalent

 - samrd or equivalent


 if you don't have these running, you are guaranteed to have
 a login failure.

 now, given that the samba-init.d script just rolls on
 through and starts/stops all the daemons, that's very
 rarely a problem [on tng-users mailing list: "i can't
 log in!  i've run smbd and nmbd, what's the problem?"

 the other area is \PIPE\LANMAN.

 the entire LANMAN implementation in smbd is a well-known
 mess.

 every single function in it, however, has equivalents
 in dce/rpc.

 e.g. WkstaNetUserGetInfo.  e.g. NetShareEnum; NetShareGetInfo.

 i started making LANMAN (in lanman.c) a proxy service,
 beginning on a few choice functions.

 i stopped at the printing stuff because at the time
 there was no client-side dce/rpc functionality available to call!

 otherwise i would have done that, too.

> I'm quite aware, that it probably was a mistake to write
> this mail.

 i appreciate it.

 luke





More information about the samba-technical mailing list