Andrew Bartlett abartlet at
Tue Dec 27 10:17:17 GMT 2005


I was looking at your new samdb_domain_sid() function and I wondered why
in your search:

/* find the domain_sid */
domain_sid = samdb_search_dom_sid(ldb, tmp_ctx, basedn, 
				  "objectSid", "objectClass=domainDNS");

You look for objectClass=domainDNS.  I realise that the objectClass
restriction should avoid silly errors, but why not objectClass=domain?  

The reason I suggest this is that for certain standalone/domain member
and possible NT4-downlevel operations, we might not have a domainDNS at

Andrew Bartlett

Andrew Bartlett                      
Authentication Developer, Samba Team 
Student Network Administrator, Hawker College
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list