[Samba] smbldap.c

Rauno Tuul rauno.tuul at haigekassa.ee
Tue Sep 16 20:25:49 GMT 2003



-----Original Message-----
From: Antoine Jacoutot [mailto:ajacoutot at lphp.org]

On Tuesday 16 September 2003 21:34, Rauno Tuul wrote:
> IMHO groupmapping doesnt fill that hole, because whatever groupmap entry
> doesn't give admin rights on LDAP.

> So, you think that's ok to remove that piece of code, right ?

removing isn't the best solution, for security reasons. then can anyone turn
the LDAP to a mess...

Honestly said, the parameter "domain admin group" should come back. 
Some say it isn't necessary.
But how can you add PC's to domain with for example 2 users "brick" and
"stone" (different passwords), when their uid isn't 0 and they aren't in
"admin users" list? 

Rgds,
Rauno.



More information about the samba mailing list