[PATCH] Failure to modify nTSecurityDescriptor attribute ussing ldb.modify_ldif()
Zahari Zahariev
zahari.zahariev at postpath.com
Tue Aug 4 02:29:12 MDT 2009
Hello Andrew,
I do not know what to say (*speechless*) so I will just say -- IT WORKS!
Little patch coming from you, big leap for ACL unittest future.
Thank you!
---
Zahari Zahariev
Software Engineer, PPD & Installer team
Cisco Systems, Bulgaria
----- Original Message -----
> From: Andrew Bartlett <abartlet at samba.org>
> To: Zahari Zahariev <zahari.zahariev at postpath.com>
> Cc: samba-technical at lists.samba.org <samba-technical at lists.samba.org>
> Sent: Tuesday, August 4, 2009 9:59:36 AM GMT+0200 Europe;Athens
> Subject: Re: [PATCH] Failure to modify nTSecurityDescriptor attribute ussing ldb.modify_ldif()
> > On Mon, 2009-07-06 at 17:41 +0300, Zahari Zahariev wrote:
> > Hello Andrew & Samba4,
> >
> > I have updated my self to the latest Samba and I verified your work.
> Your changes indeed work and it now produces a parsing error if you
> try to use BASE64 value for nTSecurityDescriptor attribute in LDIF.
> >
> > The new patch I am including is the way I understood Ldb is
> intelligent enough to read SDDL sting right off from the LDIF. I
> tested this against Windows 2003 and Samba and it produced different
> results (nothing unusual so far).
>
> I've changed our LDB code to cope with a binary SID, and to also cope
> with SDDL properly (including handling the domain SID lookup if
> required).
>
> Let me know if this works any better for you,
>
> Thank you for your patience, and feel free to remind me when I get
> behind on important bugs like this.
>
> Andrew Bartlett
>
> --
> Andrew Bartlett
> http://samba.org/~abartlet/
> Authentication Developer, Samba Team http://samba.org
> Samba Developer, Cisco Inc.
More information about the samba-technical
mailing list