Hi, We found this micro-clone in libcli/security/sddl.c: if (ace->type == SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT || ace->type == SEC_ACE_TYPE_ACCESS_DENIED_OBJECT || ace->type == SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT || ace->type == SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT) { The last two lines are identical. Comparing it to the rest of the file, the last line should probably read as: ace->type == SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT (Or be removed entirely, which is current behavior) It would be very helpful to get someone with actual knowledge of the symbols and code to review if this makes sense.
Created attachment 12563 [details] Patch for likely solution Please review
Comment on attachment 12563 [details] Patch for likely solution This looks correct to me. Can you post this to samba-technical@lists.samba.org with this bug number so we can get it into master and then into the next release ? Thanks, Jeremy.
Done. Moritz
Reviewed and pushed.