Menu
▾
▴
Re: [pdbsql-devel] 3_2 version
|
From: Collen B. <co...@he...> - 2008-07-21 20:14:27
|
Hi, Thx i knew about the acct_ctrl and all but didn't knew how they were stored or accessed always nice to learn new things. (-: i did test too day, and all seems to be ok accept for pdbedit -L this one still returns users and machines ?? i did not test against ldap and tdbsam, so i can't tell if it's pdbsql problem or not. the gplv3 thing. all i was wondering about, is if the two (v2 and v3) where compatible. i did read the 2, but as i said law and license aren't my thing (-: i'd rather stick with gplv2, coz' i know that one. and i don't know what gplv3 means in every day's life. ?! Cheers, I'll see if i can release a rc for the pdbsql_32 shall we stick with the version numbering as it is ?? (0.4) or shall we do something different, coz this one only works with the new samba 3.2.x Greetz, Collen >> with this fix, the users and computers should be split again. >> just curious, what does the 'acct_flags' hold ?? >> or in better words, what does it do ?? > > The account flags store the information on what type of account we're > dealing with. When you run a `pdbedit -v herwin` on my computer you get > the output `Account flags: [UX ]', which mean I'm a user (U) and my > password does not expire (X). > Internally this is not stored as a string, but as an unsigned 32-bit > integer, where all bits can be seen as on/off-switches. The values of > the bits can be found in librpc/gen_ndr/samr.h. My UX is actually > ACB_PWNOEXP | ACB_NORMAL = 528 (| means binary or, try googling for c > bitwise operators). A random workstation will have the value ACB_WSTRUST > (128), which gives us the string [W ]. > > The functions net_sam_list_users and net_sam_list_workstations > (utils/net_sam.c) call the pdb_search_users with respectively the > acct_flags ACB_NORMAL and ACB_WSTRUST, which means we only want to see > the results that match the full bitmask provided by us (we could call > pdb_search_users(ACB_PWNOEXP | ACB_NORMAL) to match only the users with > passwords that do not expire if we would). The bitmask is then fed to > the _next_user function of our plugin, and there it needs to check the > user to see if the bitmask matches the given pattern: only return a user > if it matches. > > Regards, > > Herwin > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's > challenge > Build the coolest Linux based applications with Moblin SDK & win great > prizes > Grand prize is a trip for two to an Open Source event anywhere in the > world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > |
