[Samba] usermgr.exe vs. 3.0.11 [was Re: Problems to samba 3.0.11]

Gerald (Jerry) Carter jerry at samba.org
Thu Feb 17 17:42:48 GMT 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sergey Loskutov wrote
:
| Step1
| samba added machine "INTRUDER" added to ldap
| through "add machine script", but not set samba
| attributes to this machine account
| Step2
| Samba check privileges to user nobody and send
| message access denied to remote host
|
| Any users not member in my domain "HOME", in
| my ldap server creates any "machine account" and ....
| o my god !!!! my database is big very big : )))

This is by design.  Your smbldap scripts are allowing
normal users to add posixAccount entries.  This is the
way it has always been.

So this begs the question, would be be upset if we changed
the behavior so that we immediately bail out
if you are not either connected as root or have the
necessary privilege?  I would be inclined to think this
is the correct approach, but it would not be backwards
compatible.

| Problem 2.
...

| Please fixed samba-3.0.11 or explain what is wrong ???
|
| Analysis code 3.0.11 say me ... is bad very bad ....

I think I can probebly reproduce this last 2 error
easily enough.  We'll try to get this corrected in
the first 3.0.12preX release sometime next week.







cheers, jerry
=====================================================================
Alleviating the pain of Windows(tm)      ------- http://www.samba.org
GnuPG Key                ----- http://www.plainjoe.org/gpg_public.asc
"I never saved anything for the swim back."     Ethan Hawk in Gattaca
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCFNeYIR7qMdg1EfYRAnqpAJ41/2Dcg79Nah+FkwQ3xc15RckbuACePrHb
9rEVoPLUAvjmUX2cxd2uz9k=
=7bKP
-----END PGP SIGNATURE-----


More information about the samba mailing list