[ldap-SAMBA_2_2] join XP to the PDC and geteuid troubles
abartlet at pcug.org.au
Sat Mar 2 02:33:04 GMT 2002
Ignacio Coupeau wrote:
> I found that the XP fails joining to the domain samba_2_2 (2002/03/01)
> if the administrative account is other than root.
> I think the reason is the geteuid() call (see below the
> ldap_open_connection ).
> No problem is detected with NT WS because no administrative account is
> required for the join.
> In the SAMBA_HEAD this check is not performed and don't fails.
Samba HEAD now performs this check (if it wasn't doing so before).
> Is this a bug?
It is a security issue - we can't allow 'mere mortals' to modify the
SAM, this is a problem in earlier versions.
We need to implement a proper permissions system, but we havn't done
that yet - so for now it is 'are you root', the same as for smbpasswd
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba-technical