svn commit: samba r12363 - in branches/SAMBA_4_0/source: auth
dsdb/samdb
Andrew Bartlett
abartlet at samba.org
Tue Dec 20 02:00:12 GMT 2005
On Tue, 2005-12-20 at 07:39 +1100, tridge at samba.org wrote:
> Andrew,
>
> > > - the objectClass needs to be added to the list of attributes to make
> > > the check for objectClass=computer work
> >
> > On the domain_ref object? This just doesn't look right.
>
> Indeed it looks strange, but that was the attribute list that is being
> used when I traced back up the stack.
Odd indeed.
> > Ahh, I didn't know it was using the full name, but this still doesn't
> > look right. Does the client set the dnsHostname? Could we look at that
> > attribute rather than 'cn'?
>
> No, dnsHostname is not setup.
This makes it painful. I don't like the idea that the name might not be
unique, but I suppose the samAccountName is, and it's much the same. We
should probably search for this as a fallback.
> Here is the record for a join from a win2000 box:
>
>
> dn: CN=W2K,CN=Computers,DC=bludom,DC=tridgell,DC=net
> distinguishedName: CN=W2K,CN=Computers,DC=bludom,DC=tridgell,DC=net
> sAMAccountName: W2K$
> objectClass: computer
> objectClass: user
> distinguishedName: CN=TemplateMemberServer,CN=Templates,DC=bludom,DC=tridgell,DC=net
> instanceType: 4
> badPwdCount: 0
> codePage: 0
> countryCode: 0
> badPasswordTime: 0
> lastLogoff: 0
> lastLogon: 0
> primaryGroupID: 513
> accountExpires: -1
> logonCount: 0
> sAMAccountType: 0x30000001
> objectCategory: CN=Computer,CN=Schema,CN=Configuration,DC=bludom,DC=tridgell,DC=net
> whenCreated: 20051219120353.0Z
> objectSid: S-1-5-21-1700789653-1060376436-214742836-1002
> objectGUID: db3ad875-9ba0-4aba-adf1-05f7571b2126
> CN: W2K
> displayName: W2K$
> userAccountControl: 4096
> ntPwdHash:: m+l5/YKG22xFVCQXtmz0Gw==
> pwdLastSet: 127794675050000000
> msDS-KeyVersionNumber: 1
> lmPwdHistory:: AAAAAAAAAAAAAAAAAAAAAA==
> ntPwdHistory:: m+l5/YKG22xFVCQXtmz0Gw==
> whenChanged: 20051219120505.0Z
> name: W2K
>
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20051219/8d1464e3/attachment.bin
More information about the samba-technical
mailing list