Patch for Smbldap-tools and problems on Samba3.0 a20
luj@libero.it
luj at libero.it
Wed Oct 23 11:49:01 GMT 2002
Hi,
During our test on the the migration from the AS/U /Advanced Server for
Unix) based domain to a Samba-ldap based domain, we have found and
fixed some bugs on the smbldap tools of Idealx. In attachment you would
find the improved tools package. The main changes are:
- smbldap-migrate-accounts.pl : the user rid was added
- smbldap-useradd.pl : improved the PrimaryGroupID setting, added
the option for trusting domain add
- smbldap-usermod.pl : fixed the bug on acctFlags setting
- smbldap-groupdel.pl : fixed the problem for group names that
included the blank
- smbldap_tools.pm : for all listed above
We are using Samba 3.0 Alpha20 on a RedHat 7.3 system to test our
migration and we found that the Samba has some problems to enumerate
the domain groups members.
Following were what happened during our test:
We logged onto the domain, where the PDC was Samba 3.0 Alpha20, from a
NT machine with a normal user "samba20", then we connected to a share
directory of the PDC using "net use...". After that, we used the
windows explorer to access that share directory and tried to view the
members of a domain group "Gruppo" from the security permissions of a
directory or a file following the step: Proprieties -> Security ->
Permissions -> Add -> On the group "Gruppo" -> Members, we got
the "Access is denied".
The user "Samba20" is the member of "Domain Users" group that was
mapped also to the unix group. From the debug logs we have seen that
the function "se_access_check" that was called from
the "_samr_open_group" failed due to the mismatch between the
access_desired and access_requested, but I think that the user has the
right to show the groups members.
In attchment you would find the debug logs.
Jianliang Lu
E-mail: luj at libero.it
Phone: 0125 757061
Mobile: 0333 2839559
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smbldap-tools-0.7-2.i386.rpm
Type: application/octet-stream
Size: 40151 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20021023/5325ea7f/smbldap-tools-0.7-2.i386.obj
More information about the samba-technical
mailing list