svn commit: samba r12363 - in branches/SAMBA_4_0/source: auth dsdb/samdb

Andrew Bartlett abartlet at samba.org
Tue Dec 20 02:00:12 GMT 2005 

On Tue, 2005-12-20 at 07:39 +1100, tridge at samba.org wrote:
> Andrew,
> 
>  > >  - the objectClass needs to be added to the list of attributes to make
>  > >    the check for objectClass=computer work
>  > 
>  > On the domain_ref object?  This just doesn't look right.
> 
> Indeed it looks strange, but that was the attribute list that is being
> used when I traced back up the stack.

Odd indeed.

>  > Ahh, I didn't know it was using the full name, but this still doesn't
>  > look right.  Does the client set the dnsHostname?  Could we look at that
>  > attribute rather than 'cn'?  
> 
> No, dnsHostname is not setup.

This makes it painful.  I don't like the idea that the name might not be
unique, but I suppose the samAccountName is, and it's much the same.  We
should probably search for this as a fallback.

> Here is the record for a join from a win2000 box:
> 
> 
> dn: CN=W2K,CN=Computers,DC=bludom,DC=tridgell,DC=net
> distinguishedName: CN=W2K,CN=Computers,DC=bludom,DC=tridgell,DC=net
> sAMAccountName: W2K$
> objectClass: computer
> objectClass: user
> distinguishedName: CN=TemplateMemberServer,CN=Templates,DC=bludom,DC=tridgell,DC=net
> instanceType: 4
> badPwdCount: 0
> codePage: 0
> countryCode: 0
> badPasswordTime: 0
> lastLogoff: 0
> lastLogon: 0
> primaryGroupID: 513
> accountExpires: -1
> logonCount: 0
> sAMAccountType: 0x30000001
> objectCategory: CN=Computer,CN=Schema,CN=Configuration,DC=bludom,DC=tridgell,DC=net
> whenCreated: 20051219120353.0Z
> objectSid: S-1-5-21-1700789653-1060376436-214742836-1002
> objectGUID: db3ad875-9ba0-4aba-adf1-05f7571b2126
> CN: W2K
> displayName: W2K$
> userAccountControl: 4096
> ntPwdHash:: m+l5/YKG22xFVCQXtmz0Gw==
> pwdLastSet: 127794675050000000
> msDS-KeyVersionNumber: 1
> lmPwdHistory:: AAAAAAAAAAAAAAAAAAAAAA==
> ntPwdHistory:: m+l5/YKG22xFVCQXtmz0Gw==
> whenChanged: 20051219120505.0Z
> name: W2K
> 
-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20051219/8d1464e3/attachment.bin

More information about the samba-technical mailing list