Somebody help me to find where is source code(file) to capturefollowing information in samba4

David Holder david.holder at erion.co.uk
Mon Aug 6 08:49:33 GMT 2007


Andrew,

I am hoping to try BIND with GSSTSIG in the next few days for something else
I am working on. I'll let you know how I get on.

David

========================================================
Dr David Holder CEng MIET MIEEE
Erion Ltd, Oakleigh, Upper Sutherland Road, Halifax, HX3 8NT
Reception: +44 (0)1422 207000
Direct Dial: +44 (0)131 2026317
Cell: +44 (0) 7768 456831

Registered in England and Wales. Registered Number 3521142
VAT Number: GB 698 3633 78


-----Original Message-----
From: samba-technical-bounces+david.holder=erion.co.uk at lists.samba.org
[mailto:samba-technical-bounces+david.holder=erion.co.uk at lists.samba.org] On
Behalf Of Andrew Bartlett
Sent: 06 August 2007 09:46
To: KS Tan
Cc: samba-technical at lists.samba.org
Subject: Re: Somebody help me to find where is source code(file) to
capturefollowing information in samba4

On Mon, 2007-08-06 at 14:57 +0800, KS Tan wrote:
> Hi Andrew,
> Actually I want to know more about the KDC ticket issue/release, and
> after want to know the 
> 1. username, computername, ipaddress.
> 2. After user logout, the session expired (ticket expired).

This should be available in
kdc/pac-glue.c:samba_kdc_check_client_access().  See the KDC_REQ
structure for details about ticket lifetime. 

> About the script, I just wanted to use customized OU and add a field
> inside to put the script path (The script is not assign to the user). 
> 
> Below is what I'd test/result inside latest source code: 
> 1. seems latest source is near to the OU+GPO. So far I able to manually
> Link Default Domain GPO into particular OU via SWAT(using field gPLink),
> and the GPO show inside my OU at the dsa.msc.
> 
> 2. I try to create few new GPO inside the sysvol, and I'd link it to my
> OU using swat. Inside dsa.msc show me permission denied.

Any idea which part gives you that error?  A network trace should show
what's going on. 

> 3. I'd join Windows 2003 Enterprise into the samba4 active directory,
> when I want to promote it to additional domain controller, it failed (I
> guess this is nothing new).

Indeed, we don't support that (yet).  We understand a lot of the
protocol, but being a part of the multi-master replication will take a
lot of work and testing. 

> 4. So far I able to add/delete object from dsa.msc. It's great!
> 
> 
> So, I'm waiting the further development until swat allow me to add new
> GPO(Or at least, I can copy paste from defauly domain policy). Then I'll
> come out another brand new real live CD, which will simulate a real
> corporate environment to eveybody review(I hope that time the Dynamic
> register dns services is ready too, so I can let user perform zone
> transfer).

Yes, Dynamic DNS update is an area that needs work.  Does anybody have
BIND accepting GSS TSIG updates?  Any idea how is the authorization
handled in this and in AD?

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.                  http://redhat.com



More information about the samba-technical mailing list