[WIP] Re: [PATCH] Some fixes for Samba RODC
Garming Sam
garming at catalyst.net.nz
Wed Apr 26 05:18:01 UTC 2017
Tests are now added to ensure that a RWDC receives bad passwords and
resets. SID checks are now in place for SendToSam, and there is a small
test to prove that a locally cached user not present in the RODC reveal
group cannot get their badPwdCount reset to 0.
Apart from some tidy up, this implements nearly everything I was
planning. The only caveat are the unlikely winbind edge cases where it
may fail to contact a RWDC after a dropped connection. However, as
required by the testing, there is a workaround using the 'password
server' attribute in the smb.conf file to force a particularly list of
servers. Hopefully I will get some time and advice to get that done, but
even with this workaround Samba RODC is now much more reliable and
reasonably feature complete.
Cheers,
Garming
On 18/04/17 17:03, Garming Sam wrote:
> git://git.catalyst.net.nz/samba.git garming-rodc-wip
>
> http://git.catalyst.net.nz/gitweb?p=samba.git;a=shortlog;h=refs/heads/garming-rodc-wip
>
More information about the samba-technical
mailing list