Displaying 3 results from an estimated 3 matches for "nt_token_check_sid".
2020 Jun 05
3
It seems to have bug for @group to set in valid or invalid conf
...in d_group but the Security token SIDs will have
d_group's sid (S-1-5-21-1151667668-222068009-1375177606-1009) ??
I thinks this is the reason why i be denied to access "f1". Because in
program /source3/smbd/share_access.c function "token_contains_name"
will check "nt_token_check_sid" & "user_in_netgroup". But i absolutely
sure my user "bbb" is not in netgroup, the problem
is on function "nt_token_check_sid". Function "nt_token_check_sid" will
check Security token SIDs if match.
# wbinfo --sid-to-name=S-1-5-21-1151667668-2...
2020 Jun 13
0
It seems to have bug for @group to set in valid or invalid conf
...ecurity token SIDs will have
> d_group's sid (S-1-5-21-1151667668-222068009-1375177606-1009) ??
> I thinks this is the reason why i be denied to access "f1". Because in
> program /source3/smbd/share_access.c function "token_contains_name"
> will check "nt_token_check_sid" & "user_in_netgroup". But i absolutely
> sure my user "bbb" is not in netgroup, the problem
> is on function "nt_token_check_sid". Function "nt_token_check_sid" will
> check Security token SIDs if match.
>
> # wbinfo --sid-to-na...
2010 Jun 30
1
net rpc file checks in 3.5.x
...276232, 1] rpc_server/srv_srvsvc_nt.c:1039(_srvsvc_NetFileEnum)
Enumerating files only allowed for administrators
I've peeked into srv_srvsvc_nt.c and the main difference from earlier
samba versions (in the function mentioned in logs) is the addition
of the following check:
if (!nt_token_check_sid(&global_sid_Builtin_Administrators,
p->server_info->ptok)) {
DEBUG(1, ("Enumerating files only allowed for "
"administrators\n"));
return WERR_ACCESS_DENIED;
}
Judging fr...