More DSDB-ACL patches
Andrew Bartlett
abartlet at samba.org
Thu Jan 24 15:44:26 MST 2013
On Thu, 2013-01-24 at 22:05 +0100, Stefan (metze) Metzmacher wrote:
> Hi Andrew,
>
> can you have a look at the patches in this branch
> https://gitweb.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master-ready
These look good.
Does my alpha13 test now pass on top of this? If so, please include it
and mark the series:
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Comments you may wish to address:
provision: setup names.name_map['DnsAdmins']
https://gitweb.samba.org/?p=metze/samba/wip.git;a=commitdiff;h=16a2f9d78ed37bdac19598a776ac6fc6c202ce61
This uses SCOPE_ONE. If we are so certain so to where this object is,
and the object's name, there is really no point even searching. Why not
make this SCOPE_SUBTREE so we find it if it is moved? Is there a well
known SID for this object?
dbckecker: fix nTSecurityDescriptor values from before 4.0.0rc6 (bug
#9481)
https://gitweb.samba.org/?p=metze/samba/wip.git;a=commitdiff;h=1528f240b24515b3cfc243f567cbf88261732744
Can this be made to unset 'broken' if the SD turns out not to change?
That way, we just waste CPU but don't forever churn the database if our
heuristic fires on a legitimate SD.
Thanks,
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba-technical
mailing list