SAMR_SET_USERINFO on Windows NT
muehlenhoff at univention.de
Thu Jul 19 12:04:27 GMT 2007
Moritz Mühlenhoff wrote:
> we noticed a problem with domain joins on Windows NT4 when using the LDAP
> backend. This is a different issue than the one solved with the patch
> referenced in
> Apparently the value is taken directly from the SAMR_SET_USERINFO packet,
> as 0x201 results in 513.
> [2007/06/27 00:30:25, 5] rpc_parse/parse_prs.c:prs_uint32(704)
> 00bc group_rid : 00000201
> However, if compared with a Windows XP client no such RID is passed from
> [2007/04/21 04:04:21, 5] rpc_parse/parse_prs.c:prs_uint32(704)
> 00bc group_rid : 00000000
> This didn't cause problems up to 3.0.22, but with later versions (likely
> caused by the user and group changes in 3.0.23) this results in NT4 clients
> no longer being able to join (at least with the LDAP backend).
FWIW; with attached patch - which simply omits the group_rid information from
SAMR_SET_USERINFO packets - domain joins of NT4 systems are again possible.
We didn't notice any side effects with other Windows version in a large
installation for some time now.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 811 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20070719/d984030a/nt-join-fix.bin
More information about the samba-technical