Should security = server really be ROLE_DOMAIN_MEMBER ?
Gerald (Jerry) Carter
jerry at samba.org
Sat Jul 1 19:52:13 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Jeremy Allison wrote:
> On Sat, Jul 01, 2006 at 12:23:42PM -0500, Gerald (Jerry) Carter wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>> Anyone got any thoughts on this:
>> There seems to a lot of assumptions that lp_server_role() ==
>> ROLE_DOMAIN_MEMBER means we can access for example a
>> machine trust account password or domain sid in secrets.tdb.
>> But if you look at set_server_role(), you'll see that
>> SEC_SERVER is considered to be a domain member role.
>> Maybe we need a new role ? ROLE_WISH_THIS_SEC_DIDNT_EXIST ?
> Yes, security = server shouldn't be ROLE_DOMAIN_MEMBER, it
> should be ROLE_STANDALONE.
ok. That was my feeling as well. I'll make the change.
Samba ------- http://www.samba.org
Centeris ----------- http://www.centeris.com
"What man is a man who does not make the world better?" --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the samba-technical