Setting 'nTSecurityDescriptor' via LDAP fails
Zahari Z.
zahari.zahariev at postpath.com
Tue Mar 10 09:43:52 GMT 2009
Andrew Bartlett wrote:
> On Fri, 2009-03-06 at 15:11 +0200, Zahari Z. wrote:
>
>> Hello Andrew and Samba4,
>>
>> I am raising this issue again. This is about sending ndr_packed()
>> nTsecurityDescriptor object via LDAP connection.
>>
>
>
>> Hope the explanation is clear and you would be able to help us overcome
>> this LDAP situation.
>>
>
> Does this test pass against Windows 2003 or 2008?
>
> Andrew Bartlett
>
>
Hello Andrew,
It does not pass against Windows2003. It crushes with 'Constrain error'
that resolves according to winerror.h this error sesolves to 'Invalid
nTSecurityDescriptor'.
See the error against Win2003:
Traceback (most recent call last):
File "./lib/ldb/tests/python/acl-test.py", line 100, in test_acl_read
"ntSecurityDescriptor" : ndr_pack(x),
LdbError: (19, 'LDAP error 19 LDAP_CONSTRAINT_VIOLATION - <0000053A:
AtrErr: DSID-03150B5E, #1:\n\t0: 0000053A: DSID-03150B5E, problem 1005
(CONSTRAINT_ATT_TYPE), data 0, Att 20119 (nTSecurityDescriptor)\n> <>')
My guess is that something happens at the moment of writing to database
or while sending.
What do you think or reckon?
-Zahari, Sofia
More information about the samba-technical
mailing list