[Pkg-samba-maint] Bug#474108: samba domain controller disregarding 'valid users' settings

Josip Rodin joy at debbugs.entuzijast.net
Mon Apr 7 21:04:51 UTC 2008

On Thu, Apr 03, 2008 at 02:00:13PM +0200, Josip Rodin wrote:
> Package: samba
> Version: 3.0.24-6etch9
> Severity: important
> It appears that once you set a Samba server to be a primary domain
> controller that authenticates via a back-end LDAP server, it can no longer
> serve as a meaningful file server, because the 'valid users' setting
> simply doesn't work any more. It works on the normal Sambas which are
> set to use 'security = domain' with the Samba PDC, but not on the
> controller itself, for some reason.
> Now I'd have to edit the code, recompile and test it on a production PDC :/
> I'll have to go reproduce it in a lab setting...

I reproduced it separately, but it depended on the LDAP entries being
the same, and that Samba saw them (i.e. that the SIDs matched).
Without that (by accident I had a different SID prefix in the test
installation), the 'valid users' list got parsed just as expected.

I'll be fiddling with the source now...

     2. That which causes joy or happiness.

More information about the Pkg-samba-maint mailing list