-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Sergey Loskutov wrote : | Step1 | samba added machine "INTRUDER" added to ldap | through "add machine script", but not set samba | attributes to this machine account | Step2 | Samba check privileges to user nobody and send | message access denied to remote host | | Any users not member in my domain "HOME", in | my ldap server creates any "machine account" and .... | o my god !!!! my database is big very big : )))
This is by design. Your smbldap scripts are allowing normal users to add posixAccount entries. This is the way it has always been.
So this begs the question, would be be upset if we changed the behavior so that we immediately bail out if you are not either connected as root or have the necessary privilege? I would be inclined to think this is the correct approach, but it would not be backwards compatible.
| Problem 2. ...
| Please fixed samba-3.0.11 or explain what is wrong ??? | | Analysis code 3.0.11 say me ... is bad very bad ....
I think I can probebly reproduce this last 2 error easily enough. We'll try to get this corrected in the first 3.0.12preX release sometime next week.
cheers, jerry ===================================================================== Alleviating the pain of Windows(tm) ------- http://www.samba.org GnuPG Key ----- http://www.plainjoe.org/gpg_public.asc "I never saved anything for the swim back." Ethan Hawk in Gattaca -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCFNeYIR7qMdg1EfYRAnqpAJ41/2Dcg79Nah+FkwQ3xc15RckbuACePrHb 9rEVoPLUAvjmUX2cxd2uz9k= =7bKP -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba