Volker.Lendecke at SerNet.DE Volker.Lendecke at SerNet.DE
Thu Apr 15 16:22:39 GMT 2004

On Thu, Apr 15, 2004 at 10:54:21AM -0500, Gerald (Jerry) Carter wrote:
> Volker.Lendecke at SerNet.DE wrote:
> >Hi!
> >
> >Does anybody have any idea what _samr_remove_sid_foreign_domain 
> > is supposed to do? When does a client issue it, and what does it
> > do to the SAM?
> It shows up when removing a client remotely via user manager.


The IDL should look like

        NTSTATUS samr_RemoveMemberFromForeignDomain(
                [in,ref]    policy_handle *handle,
                [in,ref]    dom_sid2      *sid

where handle in my test is a domain handle for S-1-5-32 of the remote DC. sid
is the workstation account to be removed via the server manager.

Right after that call you see the corresponding DeleteUser request.

To me it looks as if for us this is a complete no-op, especially as upon remote
creation of the workstation account there is no corresponding
AddMemberToForeignDomain call or so.

Would anybody object if I (at least in VOYAGER) set this call to 'check whether
the handle points to builtin' and then do nothing? Messing around with groups
here looks really wrong to me.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20040415/220e93c6/attachment.bin

More information about the samba-technical mailing list