svn commit: samba r5180 - branches/SAMBA_3_0/source/rpc_server
trunk/source/rpc_server
Andrew Bartlett
abartlet at samba.org
Wed Feb 2 20:43:07 GMT 2005
On Wed, 2005-02-02 at 20:11 +0000, gd at samba.org wrote:
> Author: gd
> Date: 2005-02-02 20:11:37 +0000 (Wed, 02 Feb 2005)
> New Revision: 5180
>
> WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=5180
>
> Log:
> Call the "add machine script" to create all kinds of trust accounts
> (this restores old behaviour). Fixes #2291.
I agree on the scripts part, but I'm not sure you should be using:
se_priv_copy( &se_rights, &se_machine_account );
The point here is to ensure that users with 'add machines to the domain'
can only add workstations, not BDCs and Domains. I may be off-base
here, but I think we just need two 'ifs'. The script to call and the
rights to use are different.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20050203/3cda0084/attachment.bin
More information about the samba-technical
mailing list