New approach to "valid users" fix
Gerald (Jerry) Carter
jerry at samba.org
Fri Aug 11 21:13:26 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Volker Lendecke wrote:
> On Fri, Aug 11, 2006 at 02:01:38PM -0500, Gerald (Jerry) Carter wrote:
>> NT user token of user S-1-5-21-2547222302-1596225915-2414751004-2560
>> contains 13 SIDs
>> SID[ 0]: S-1-5-21-2547222302-1596225915-2414751004-2560
>> SID[ 1]: S-1-22-2-100
>
> Isn't that going to kill a PDC the same way Jeremy's patch
> did lately? The primary group SID (the first one in the
> list) MUST be in the user's domain.
Hmmm...not for my working PDCs. I've tested LDAP
and tdbsam. Not sure about smbpasswd. I think it should
be fine. Remember pdb_get_group_sid() handles that for us
an fills in RID 513 if necessary.
If tdbsam works, then smbpassword should work. That's the
whole point of the patch is to remove the special
case exceptions for smbpasswd. I'll test thought to make
sure.
cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFE3PL2IR7qMdg1EfYRAnPpAKDNa+08gck66eFGVnMvX1JXRRGHKACg2+0n
AAc8XkjqEU4irCkBh0FL7SY=
=uB09
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list