Nadezhda Ivanova nadezhda.ivanova at
Sat Jan 16 17:34:33 MST 2010

Yes, I think you are right, this should be the cause. In this case the test may be incorrect, we should not let access checks prevent us from checking the SD is there...

----- Original Message -----
> From: tridge at <tridge at>
> To: Nadezhda Ivanova <nadezhda.ivanova at>
> Cc: jelmer at <jelmer at>, samba-technical at <samba-technical at>
> Sent: Sunday, January 17, 2010 2:19:21 AM GMT+0200 Europe;Athens
> Subject: Re: BasicTests.test_security_descriptor_add_neg

> > Hi Nadya,
> What seems to happen on windows is that the nTSecurityDescriptor that
> we provided in the add then denies ourselves the ability to read the
> nTSecurityDescriptor attribute from the object. So the add works, but
> then when we do the search, we don't get back the
> nTSecurityDescriptor.
> I don't think we do full ACL checking on search yet, right? Maybe this
> explains the difference in behaviour?
> Cheers, Tridge

More information about the samba-technical mailing list