IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
The problem was that the samdb module was auto-adding objectClass=user
for these accounts. That would be OK, as computer accounts are
supposed to be in that objectClass, but mmc cares about the order of
the values in the objectClass attribute! It looks for the last value,
and takes that as the value to use when deciding how to manipulate the record.
So, this patch adds an explicit objectClass=user to the record when it
gets created, which tells the samdb module to not add it as well. That
fixes the order. I suspect we are missing something else though - is
objectClass supposed to auto-sort based on the schema?
(This used to be commit 68c5f807fd)
templating support for foreignSecurityPrincipals to the samdb module.
This is an extension beyond what microsoft does, and has been very
useful :-)
The setup scripts have been modified to use the new template, as has
the SAMR and LSA code.
Other cleanups in LSA remove the assumption that the short domain name
is the first component of the realm.
Also add a lot of useful debug messages, to make it clear how/why the
SamSync may have gone wrong. Many of these should perhaps be hooked
into an error string.
Andrew Bartlett
(This used to be commit 1f071b0609)
