AW: APW is missing
Gerald (Jerry) Carter
jerry at samba.org
Wed May 21 16:05:38 GMT 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, 21 May 2003, Ronan Waide wrote:
> On May 21, jerry at samba.org said:
> > 2 questions:
> >
> > 1) Have you ever seen a windows client send
> > MAXIMUM_ALLOWED_ACCESS without including
> > SERVER_ALL_ACCESS ? rpcclient doesn't count
> > here. I know we don't do this exactly like NT
> > but it has never matter against real windows
> > clients
>
> Hmm. As documented in the quoted post, NT4SP6 talking to Samba sends
> MAXIMUM_ALLOWED_ACCESS without any of the printer admin access bits,
> but I don't recall if it had SERVER_ALL_ACCESS set.
>From
http://marc.theaimsgroup.com/?l=samba-technical&m=104686736620605&w=2
- ------------original mail--------------------------
NT4 SP6 to Samba HEAD (Opening the Printers folder)
* First request is for
Write Owner | Write DAC | Read Control | Delete
Server Enum | Server Admin
- --------end original mail--------------------------
SERVER_ALL_ACCESS == Server Enum | Server Admin
This is what is used to determine whether the APW shows up.
We basically only allow a 'printer admin' to have this.
Just to make sure we are on the same thread here,
I have never seen a instance where we really needed to
map MAXIMUM_ALLOWED_ACCESS to anything. Windows
clients always include the specific bits in the desired_access
mask in my experience.
So my question is: Have you seen any behavior that indicates
not mapping the MAXIMUM_ALLOWED_ACCESS mask to some specific
bits is a problem?
My understanding is that you have not, but were just noting
a difference in behavior when testing with rpcclient. Right?
cheers, jerry
----------------------------------------------------------------------
Hewlett-Packard ------------------------- http://www.hp.com
SAMBA Team ---------------------- http://www.samba.org
GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc
"You can never go home again, Oatman, but I guess you can shop there."
--John Cusack - "Grosse Point Blank" (1997)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/
iD8DBQE+y6PSIR7qMdg1EfYRAoNZAKDlWzgBJvTtQ5wgbZhEo4tpDPpZbgCfcJHc
f/IywDnl7rIvGMrH2qhbPYE=
=21N2
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list