12842 – Cracknames can fail when desired format is GUID due to deleted accounts

Bug 12842 - Cracknames can fail when desired format is GUID due to deleted accounts

Summary: Cracknames can fail when desired format is GUID due to deleted accounts

Status:	RESOLVED FIXED

Alias:	None

Product:	Samba 4.1 and newer
Classification:	Unclassified
Component:	AD: LDB/DSDB/SAMDB (show other bugs)
Version:	4.5.0
Hardware:	All All

Importance:	P5 normal (vote)
Target Milestone:	4.7
Assignee:	Karolin Seeger
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:	CVE-2018-10918
Blocks:
	Show dependency tree / graph

Reported:	2017-06-15 03:02 UTC by Garming Sam
Modified:	2018-07-30 02:40 UTC (History)
CC List:	4 users (show)

See Also:

Attachments
patch for 4.7 cherry-picked from master (15.71 KB, patch) 2017-07-24 10:04 UTC, Andrew Bartlett	abartlet: review? (garming) dbagnall: review+	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Garming Sam 2017-06-15 03:02:59 UTC

Every now and again, we would get flakey failures on rpc.cracknames for unknown reasons.

Cracking SAMBADOMAIN\torturetest410$ would fail. What I've discovered is that this is partly due to collisions in the test user name when using rand() % 1000. When the user is deleted, the sAMAccountName persists on the deleted object from a previous test (I'm unsure of the behaviour on Windows). Requesting GUID format then performs a SHOW_RECYCLED search which causes an error when it finds a non-unique search result.

Comment 1 Andrew Bartlett 2017-07-24 10:04:05 UTC

Created attachment 13424 [details]
patch for 4.7 cherry-picked from master

Comment 2 Karolin Seeger 2017-07-31 09:24:47 UTC

Pushed to autobuild-v4-7-test.

Comment 3 Karolin Seeger 2017-08-01 06:04:12 UTC

(In reply to Karolin Seeger from comment #2)
Pushed to v4-7-test.
Closing out bug report.

Thanks!