[Pkg-samba-maint] Bug#474108: samba domain controller disregarding 'valid users' settings

Josip Rodin joy at debbugs.entuzijast.net
Mon Apr 7 22:55:49 UTC 2008


On Mon, Apr 07, 2008 at 11:04:51PM +0200, Josip Rodin wrote:
> > It appears that once you set a Samba server to be a primary domain
> > controller that authenticates via a back-end LDAP server, it can no longer
> > serve as a meaningful file server, because the 'valid users' setting
> > simply doesn't work any more.
> 
> I reproduced it separately, but it depended on the LDAP entries being
> the same, and that Samba saw them (i.e. that the SIDs matched).
> Without that (by accident I had a different SID prefix in the test
> installation), the 'valid users' list got parsed just as expected.
> 
> I'll be fiddling with the source now...

It looks like lp_valid_users(snum) is actually including my username,
one which is decidedly *not* part of the 'valid users' setting for that
share in smb.conf. Or at least that's what token_contains_name_in_list(...)
thinks. I'll have to spend some more time unscrambling these ghastly
list structures...

-- 
     2. That which causes joy or happiness.





More information about the Pkg-samba-maint mailing list