[PATCH] lookupsids for domain sids
obnox at samba.org
Mon Sep 23 21:05:14 CEST 2013
On 2013-09-23 at 21:01 +0200, Christian Ambach wrote:
> Hi Michael,
> Am 18.09.13 10:03, schrieb Michael Adam:
> >Hi list,
> >I found that the s4 dc does not reply correctly to a lookupsids
> >request for the domain sid:
> >We should reply with sid type DOMAIN (3) and the name string set
> >to NULL.
> >Instead we reply with sid type UNKNOWN (8) and the input sid
> >as the name string.
> >The attached patch fixes that in s4's rpc-server.
> >The second patch improves the output of the rpcclient tool's
> >lookupsids implementation in that case (printing DOMAIN_NAME
> >instead of DOMAIN_NAME\*unknown*).
> >I don't quite understand yet, what our "lsalookup" test does,
> >or more precisely why the server patch does not change the
> >test result of this test...
> >So this needs more investigation, but I wanted to share the
> >finding already at this stage.
> I think a test that detects any further breakage is a must and if
> the current test did not detect this, it was not sufficient and
> should be improved.
> If we take this patch now, it'll be out of sight soon and might come
> up again some time in the future.
I have looked into our lookupsids test, but it is pretty clever
and I need to concentrate hard to see what happens.
I think the point is that the test does very many things and
also fails due to other issues. So it is just one cause less
for the test to fail. I think we could to split that up into
more atomic tests so that we can have small units succeeding.
Cheers - Michael
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 215 bytes
Desc: Digital signature
More information about the samba-technical