[PATCH] Please review my session-info branch
Andrew Bartlett
abartlet at samba.org
Sun Aug 15 16:36:40 MDT 2010
On Sun, 2010-08-15 at 17:45 +0300, Nadezhda Ivanova wrote:
>
> Hi Andrew,
> I do not understand enough the purpose of your patch, but replacing
> anonymous_session with system_session in acl.py is not acceptable -
> recently I added some tests for denying anonymous access, which I will
> activate when I am able to get this feature in master. The tests do
> work against windows and are tested :). If you tell me what else I can
> use to establish an anonymous connection, then I'll use it instead and
> the patch would be OK, otherwise I need this binding.
To make an LDB connection with anonymous (or other) credentials, simply
specify those separately to the session_info. Explicitly specified
credentials are always used in preference to those associated with the
session_info.
> Also, what is the purpose of
> http://gitweb.samba.org/?p=abartlet/samba.git/.git;a=commitdiff;h=080d1a8e1c4f7ff1cb9c484df81cfd4cd6636726? Are you sure it doesn't change the resulting token? We use this session during provision to make sure the object's descriptors are generated properly. I'll compile your branch and take a look at the resulting descriptors to make sure they look as they should...
Please do check, but I couldn't see any difference in the code.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20100816/1f5065ad/attachment.pgp>
More information about the samba-technical
mailing list