question about create_local_nt_token
Herb Lewis
hlewis at panasas.com
Wed Aug 13 23:55:07 GMT 2008
Try this. add several groups to a user. Pick one of the
groups returned by wbinfo --user-domgroups that is not the
first group to be the primary group of the user. set debug
level to be 10 and connect from a client as that user.
look for "NT user token of user " in the logs. The first
group SID will not be the primary SID. This is using a
W2k SP4 DC.
Jeremy Allison wrote:
> On Wed, Aug 13, 2008 at 04:24:50PM -0700, Herb Lewis wrote:
>
>>The comment says we are adding the user and primary group sid
>>to the array, but we add the user and the first group in the
>>groupsids array. This is not always the primary group. How can
>>we tell which is the primary group?
>
>
> By convention the first group in the groupsids array
> should be the primary group. Where in the code do you
> see it not being the primary ?
>
> Jeremy.
More information about the samba-technical
mailing list