Two small bugs
mmessaoudi at vinci-construction.com
mmessaoudi at vinci-construction.com
Tue Jan 15 00:26:06 GMT 2002
Hi there,
I've set a Samba 2.2.2 server as a PDC for various clients (Win9x,
NT4, W2k) using;
I'm using an ldap Directory (a Lotus Domino Server) to store all the
account information (nss_ldap plus --with-samldap compile option);
It works pretty good (some problems with W2k workstation), but when I
change a password for a user either from a workstation or by using the
smbpasswd command, the user_rid and the group_rid are changed;
It seems that when we read the user_rid (group_rid) from the
directory, we assume that it's an Hex value according to this piece of
source code (source/passdb/pdb_ldap.c) "user_rid = (uint32)strtol(temp,
NULL, 16);";
but when we write to the directory, we don't convert it back to Hex value
"slprintf(temp, sizeof(temp) - 1, "%i", user_rid );";
In the same file, when we access the directory for password
enumeration, we always skip the last entry;
source/passdb/pdb_ldap.c :
pdb_setsampwent : global_ldap_ent.entry =
ldap_first_entry(global_ldap_ent.ldap_struct,
global_ldap_ent.result);
source/rpc_server/srv_smr_nt.c
get_sampwd_entries : while (((not_finished =
pdb_getsampwent(pwd)) != False)
&& (*num_entries) < max_num_entries)
source/passdb/pdb_ldap.c :
global_ldap_ent.entry =
ldap_next_entry(global_ldap_ent.ldap_struct,
global_ldap_ent.entry);
and then return init_sam_from_ldap(user,
global_ldap_ent.ldap_struct,
global_ldap_ent.entry);
To work around; i changed the code this way :
/**********************************************************************
Get the next entry in the LDAP password database
*********************************************************************/
BOOL pdb_getsampwent(SAM_ACCOUNT * user)
{
BOOL ret;
if (!global_ldap_ent.entry)
return False;
if (global_ldap_ent.entry != NULL)
{
ret = init_sam_from_ldap(user, global_ldap_ent.ldap_struct,
global_ldap_ent.entry);
global_ldap_ent.entry =
ldap_next_entry(global_ldap_ent.ldap_struct,
global_ldap_ent.entry);
return ret;
}
return False;
}
More information about the samba-technical
mailing list