[Pkg-samba-maint] Bug#474108: samba domain controller disregarding 'valid users' settings

Josip Rodin joy at debbugs.entuzijast.net
Mon Apr 7 21:04:51 UTC 2008


On Thu, Apr 03, 2008 at 02:00:13PM +0200, Josip Rodin wrote:
> Package: samba
> Version: 3.0.24-6etch9
> Severity: important
> 
> It appears that once you set a Samba server to be a primary domain
> controller that authenticates via a back-end LDAP server, it can no longer
> serve as a meaningful file server, because the 'valid users' setting
> simply doesn't work any more. It works on the normal Sambas which are
> set to use 'security = domain' with the Samba PDC, but not on the
> controller itself, for some reason.
> 
> Now I'd have to edit the code, recompile and test it on a production PDC :/
> I'll have to go reproduce it in a lab setting...

I reproduced it separately, but it depended on the LDAP entries being
the same, and that Samba saw them (i.e. that the SIDs matched).
Without that (by accident I had a different SID prefix in the test
installation), the 'valid users' list got parsed just as expected.

I'll be fiddling with the source now...

-- 
     2. That which causes joy or happiness.





More information about the Pkg-samba-maint mailing list