IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Pavel Filipensky <pfilipensky@samba.org>
Autobuild-Date(master): Tue May 14 13:37:53 UTC 2024 on atb-devel-224
This test is useless and won't work anymore in future.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This argument is actually an instance of SamDB (which inherits from Ldb).
This should have been called samdb.
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This expects PermissionError: [Errno 1] Operation not permitted,
but it seems that setxattr() for security.NTACL works on gitlab
runners without being root.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We were mistakenly asserting something that did not happen with
Windows, because Samba already won't parse the DN string.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10763
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
9 hex-digit subauths like '0xABCDef123' will not fit in 32 bits, so
should be rejected on parsing.
In other situations, such as defaultSecurityDescriptor, overflowing
SID subauths on Windows will saturate to 0xffffffff, resulting in a
valid but probably meaningless SID. It is possible that in previous
testing we saw that here, but it is more likely I got confused. In any
case, now I see them being rejected, and that is good.
The saturating defaultSecurityDescriptor case is tested in
SidStringBehavioursThatWindowsAllows.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10763
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
And so should we.
Right now, these tests won't pass against Windows because they rely on
ldb pre-parsing of the SIDs, so they fail before Windows gets to see
them. Running them against Windows looks something like this, BTW:
SAMBA_SID_STRINGS_SKIP_LOCAL=1 \
SMB_CONF_PATH=st/ad_dc/etc/smb.conf \
PYTHONPATH=bin/default/python \
DC_SERVER=192.168.122.126 \
DC_USERNAME=Administrator DC_PASSWORD='xxx' \
python3 python/samba/tests/sid_strings.py
When things are right, the only failing tests should be from the
SidStringBehavioursThatSambaPrefers suite.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10763
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
It seems as if the well-known SID S-1-5-32-579
(DOMAIN_ALIAS_RID_ACCESS_CONTROL_ASSISTANCE_OPS) is
not always present -- specifically, it was not there on the
Windows machine used to develop these tests, but it is there on
the one I am now using.
S-1-5-32-545 (DOMAIN_ALIAS_RID_USERS) is surely going to exist,
so we use that instead.
That changes some of the assertions, making some NO_SUCH_OBJECTs
into successes.
For these tests we are only interested in the parsing of the SIDs, not
their meaning, so it's OK to change it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10763
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15636
Signed-off-by: Anna Popova <popova.anna235@gmail.com>
Reviewed-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Apr 24 06:20:58 UTC 2024 on atb-devel-224
ldap server require strong auth = allow_sasl_over_tls
is now an alias for 'allow_sasl_without_tls_channel_bindings'
and should be avoided and changed to 'yes' or
'allow_sasl_without_tls_channel_bindings'.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15621
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Jo Sutton <jsutton@samba.org>
Autobuild-Date(master): Sun Apr 21 23:17:53 UTC 2024 on atb-devel-224
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15633
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Mulder <dmulder@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Apr 17 19:32:11 UTC 2024 on atb-devel-224