Bug in the SIDs of system account
abartlet at samba.org
Mon Jun 13 17:36:04 MDT 2011
On Tue, 2011-06-14 at 00:43 +0400, Matthieu Patou wrote:
> Hello andrew,
> Can you have a look at this patch ?
> I discovered today that SIDs for the group and the user are quite often
> broken, for the group it's rather obvious as we have the domain SID as
Hmm, so the provision would have been created with 'domain users' as the
owning user for everything, rather than the domain administrator?
I really should have tested that change better...
> Can you check that's the only problem of such kind, and if so sign-off
> my patch ?
What we need is a unit test for admin_session(), to ensure this stays
> note: it means that all provision since Jan 2011 have broken SDs,
> unfortunately I discovered a couple of issues in upgradeprovision so I
> propose to postpone the release of alpha16 up to the moment I finish
> fixes for upgradeprovision so that our users can cleanly upgrade the SD
> of their provision.
That sounds like a reasonable reason to postpone a release, but if we
can't fix this in a reasonable time (remember, we are trying to do the
release for OpenChange), then I suggest we just do another alpha once
the upgradeprovision fix is available.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba-technical