Matthias Dieter Wallnöfer
mdw at samba.org
Sat May 21 09:09:38 MDT 2011
in general good work, I will push a slightly corrected version (I've
cleaned up a bit the test patch to comply with the other testcases).
Matthieu Patou wrote:
> On 19/05/2011 19:50, Matthias Dieter Wallnöfer wrote:
>> Hi ekacnet,
>> please don't sort out these things since the plan is to end up in
>> common LDB add and modify triggers code at some point.
> Ok didn't know it, looked like some leftover, but it's more a start ...
>> Second question: is the sam.py code still passing with your second
> Not quite, I changed the code to just do not change the primaryGroupID
> if you are a user because, in this case you can't get the flags
> UF_SERVER_TRUST_ACCOUNT or UF_WORKSTATION_TRUST_ACCOUNT that determine
> that you are a workstation or a (RO)DC and have an influence on your
> In other case it's authorized as you will change group if you get the
> flag UF_SERVER_TRUST_ACCOUNT.
> I added a unit test as well.
> I guess it's pretty good now at:
> Any comments ?
>> Matthieu Patou wrote:
>>> Hello Mathias,
>>> I faced some strange behavior with net setpassword and I'm pretty
>>> sure that's it's linked to samldb_user_account_control_change.
>>> Are you sure that this function should be called on modify ? At
>>> least I'm sure that primaryGroupID should not be set.
>>> I made a try with a user with primaryGroupID set to 513, I locked
>>> the user, when I unlock the user, Windows XP sends to a W2k8R2 DC a
>>> modify on userAccountControl but this didn't imply modifying the
>>> I have the feeling that the group calculation should be done only on
>>> add not on modify.
>>> So I pushed 2 patches here:
More information about the samba-technical