svn commit: samba r8786 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: gd Date: 2005-07-26 20:11:37 + (Tue, 26 Jul 2005) New Revision: 8786 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=8786 Log: Fix amazing and long-standing bug where user-accounts are just crippled accounts (accounts without AcctCtrl set) after a vampire-process. New Accounts tend to hace no acb_info at all which means "0" (ACB_NORMAL). Unless 0 becomes not 0 we don't do anything and set *no* acctrl for normal users at all (!). Those crippled users now don't show up in usrmgr since 3.0.20somethings ldap-routines now finally test if the attribute is there. Guenther Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c trunk/source/utils/net_rpc_samsync.c Changeset: Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c === --- branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2005-07-26 18:48:36 UTC (rev 8785) +++ branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2005-07-26 20:11:37 UTC (rev 8786) @@ -482,8 +482,7 @@ /* TODO: account expiry time */ - if (pdb_get_acct_ctrl(account) != delta->acb_info) - pdb_set_acct_ctrl(account, delta->acb_info, PDB_CHANGED); + pdb_set_acct_ctrl(account, delta->acb_info, PDB_CHANGED); pdb_set_domain(account, lp_workgroup(), PDB_CHANGED); Modified: trunk/source/utils/net_rpc_samsync.c === --- trunk/source/utils/net_rpc_samsync.c2005-07-26 18:48:36 UTC (rev 8785) +++ trunk/source/utils/net_rpc_samsync.c2005-07-26 20:11:37 UTC (rev 8786) @@ -482,8 +482,7 @@ /* TODO: account expiry time */ - if (pdb_get_acct_ctrl(account) != delta->acb_info) - pdb_set_acct_ctrl(account, delta->acb_info, PDB_CHANGED); + pdb_set_acct_ctrl(account, delta->acb_info, PDB_CHANGED); pdb_set_domain(account, lp_workgroup(), PDB_CHANGED);
Re: svn commit: samba r8786 - branches/SAMBA_3_0/source/utils trunk/source/utils
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wrote: | Fix amazing and long-standing bug where user-accounts | are just crippled accounts (accounts without AcctCtrl set) | after a vampire-process. | | New Accounts tend to hace no acb_info at all which means "0" | (ACB_NORMAL). Unless 0 becomes not 0 we don't do anything | and set *no* acctrl for normal users at all (!). Those | crippled users now don't show up in usrmgr since | 3.0.20somethings ldap-routines now finally test if | the attribute is there. Guenther, You added the change to start looking at the separating searches based on the ACB value for 3.0.11 I thought. Or are we talking about a different change to ldapsam now? LDAP Changes If "ldap user suffix" or "ldap machine suffix" are defined in smb.conf, all user-accounts must reside below the user suffix, and all machine and inter-domain trust-accounts must be located below the machine suffix. Previous Samba releases would fall back to searching the 'ldap suffix' in some cases. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFC55B2IR7qMdg1EfYRAnBgAJ94TAuoNvm3Cjo32t+GY2ajcUJ6SQCdE+tI vWPAS34KW6IU7pf/blXjMgs= =R6ht -END PGP SIGNATURE-
Re: svn commit: samba r8786 - branches/SAMBA_3_0/source/utils trunk/source/utils
Hi Jerry, On Wed, Jul 27, 2005 at 08:47:34AM -0500, Gerald (Jerry) Carter wrote: > [EMAIL PROTECTED] wrote: > > | Fix amazing and long-standing bug where user-accounts > | are just crippled accounts (accounts without AcctCtrl set) > | after a vampire-process. > | > | New Accounts tend to hace no acb_info at all which means "0" > | (ACB_NORMAL). Unless 0 becomes not 0 we don't do anything > | and set *no* acctrl for normal users at all (!). Those > | crippled users now don't show up in usrmgr since > | 3.0.20somethings ldap-routines now finally test if > | the attribute is there. > > Guenther, > > You added the change to start looking at the separating > searches based on the ACB value for 3.0.11 I thought. > Or are we talking about a different change to ldapsam > now? This is something completly different. What I've added a while ago was: when enumerating users, derive ldap_filter from the requested acb-info. But this one here is an important change to "net rpc vampire": vampire 100 users and they all had *no* acb_info set in ldap (!). Now the new search-semantics for enumerations in LDAP (since the early 3.0.20betas) simply skip accounts that have no acb_info at all (for good reason). 3.0.20 will trigger (even without my fix which just fixes a broken "net rpc vampire" for future use) a couple of mails like "hey, since I upgraded to 3.0.20 most of my users are no longer displayed in usrmgr". Maybe we have to provide a magic selfrepair of vampired accounts. Cheers, Guenther -- Günther DeschnerGPG-ID: 8EE11688 Novell / SUSE LINUX [EMAIL PROTECTED] Samba Team [EMAIL PROTECTED] pgp6iBBploHeC.pgp Description: PGP signature
