Domain logon issue with Samba 3.0.20pre2 -> current 3.0.20rc2
Gerald (Jerry) Carter
jerry at samba.org
Fri Aug 19 23:11:56 GMT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Andrew Bartlett wrote:
> I'm locked out of the network, and I can't get windows
> update to behave for me. (I'm assuming I have a proxy
> problem or similar).
>
> The purpose of this Samba update (which I try not to do often,
> as we use almost *every* aspect of Samba, so do find
> issues) was because I knew there were announced issues with
> windows security updates and older Samba revisions... :-)
Here's the scoop. The change is in r6895. It is a necessary
and correct change. In the absence of a real ReadOnly dos
attribbute we have to approximate it. Previously we were marking
a file as read-only based on the file ownership. Now we
approximate it based on the sum of group permissions.
The fix is to ensure that NTUSER.MAN is not marked with the
DOS reqadonly attribute. DOn't ask me why Windows cares
when this is a mandatory profile. So either set 'acl check
permissions = no' or actually store the dos attribute in EA's
and make sure the read only attribute is unset on that one
file.
Crazy afternoon. 3.0.20 is still on its way then.
cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFDBmc8IR7qMdg1EfYRAnz7AKCUT4KU5X6kz8giGwCA7UG5yUCL9wCg7/hv
jJdjUFyP++zhSNmAU+7RE7o=
=Ki5H
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list