using more dce/rpc client-side functions in samba
Luke Kenneth Casson Leighton
lkcl at samba-tng.org
Wed Jan 9 17:13:18 GMT 2002
> > The
> > multi-deamon design has forced the authors to consider much better
> > designed solutions at times - in particular the lack of direct access to
> > the SAM cleans up a *lot* of ugly code.
>
> Yeah. And this day, I've started to understand, there are
> even more places, that can be cleaned up and made a lot
> nicer. (Someone I'm currently also mailing with got me in
> that direction.)
yes: two such locations spring to mind, that i started
on in samba.
one is in reply_sesssetup() - you *always* call
domain_client_validate().
_always_.
this means that you _must_ have:
- a ncacn_np implementation or equivalent
- lsarpcd or equivalent
- netlogond or equivalent
- samrd or equivalent
if you don't have these running, you are guaranteed to have
a login failure.
now, given that the samba-init.d script just rolls on
through and starts/stops all the daemons, that's very
rarely a problem [on tng-users mailing list: "i can't
log in! i've run smbd and nmbd, what's the problem?"
the other area is \PIPE\LANMAN.
the entire LANMAN implementation in smbd is a well-known
mess.
every single function in it, however, has equivalents
in dce/rpc.
e.g. WkstaNetUserGetInfo. e.g. NetShareEnum; NetShareGetInfo.
i started making LANMAN (in lanman.c) a proxy service,
beginning on a few choice functions.
i stopped at the printing stuff because at the time
there was no client-side dce/rpc functionality available to call!
otherwise i would have done that, too.
> I'm quite aware, that it probably was a mistake to write
> this mail.
i appreciate it.
luke
More information about the samba-technical
mailing list