Somebody help me to find where is source code(file) to capture following information in samba4

Andrew Bartlett abartlet at samba.org
Mon Aug 6 08:46:24 GMT 2007


On Mon, 2007-08-06 at 14:57 +0800, KS Tan wrote:
> Hi Andrew,
> Actually I want to know more about the KDC ticket issue/release, and
> after want to know the 
> 1. username, computername, ipaddress.
> 2. After user logout, the session expired (ticket expired).

This should be available in
kdc/pac-glue.c:samba_kdc_check_client_access().  See the KDC_REQ
structure for details about ticket lifetime. 

> About the script, I just wanted to use customized OU and add a field
> inside to put the script path (The script is not assign to the user). 
> 
> Below is what I'd test/result inside latest source code: 
> 1. seems latest source is near to the OU+GPO. So far I able to manually
> Link Default Domain GPO into particular OU via SWAT(using field gPLink),
> and the GPO show inside my OU at the dsa.msc.
> 
> 2. I try to create few new GPO inside the sysvol, and I'd link it to my
> OU using swat. Inside dsa.msc show me permission denied.

Any idea which part gives you that error?  A network trace should show
what's going on. 

> 3. I'd join Windows 2003 Enterprise into the samba4 active directory,
> when I want to promote it to additional domain controller, it failed (I
> guess this is nothing new).

Indeed, we don't support that (yet).  We understand a lot of the
protocol, but being a part of the multi-master replication will take a
lot of work and testing. 

> 4. So far I able to add/delete object from dsa.msc. It's great!
> 
> 
> So, I'm waiting the further development until swat allow me to add new
> GPO(Or at least, I can copy paste from defauly domain policy). Then I'll
> come out another brand new real live CD, which will simulate a real
> corporate environment to eveybody review(I hope that time the Dynamic
> register dns services is ready too, so I can let user perform zone
> transfer).

Yes, Dynamic DNS update is an area that needs work.  Does anybody have
BIND accepting GSS TSIG updates?  Any idea how is the authorization
handled in this and in AD?

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.                  http://redhat.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20070806/2b6084d7/attachment.bin


More information about the samba-technical mailing list