Bug in the SIDs of system account
Andrew Bartlett
abartlet at samba.org
Mon Jun 13 17:36:04 MDT 2011
On Tue, 2011-06-14 at 00:43 +0400, Matthieu Patou wrote:
> Hello andrew,
>
> Can you have a look at this patch ?
> I discovered today that SIDs for the group and the user are quite often
> broken, for the group it's rather obvious as we have the domain SID as
> value.
Hmm, so the provision would have been created with 'domain users' as the
owning user for everything, rather than the domain administrator?
I really should have tested that change better...
> Can you check that's the only problem of such kind, and if so sign-off
> my patch ?
What we need is a unit test for admin_session(), to ensure this stays
fixed...
> Thanks.
>
> Matthieu.
>
> note: it means that all provision since Jan 2011 have broken SDs,
> unfortunately I discovered a couple of issues in upgradeprovision so I
> propose to postpone the release of alpha16 up to the moment I finish
> fixes for upgradeprovision so that our users can cleanly upgrade the SD
> of their provision.
That sounds like a reasonable reason to postpone a release, but if we
can't fix this in a reasonable time (remember, we are trying to do the
release for OpenChange), then I suggest we just do another alpha once
the upgradeprovision fix is available.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba-technical
mailing list