Bug 15530 - samba-tool user list should not list MS Exchange SystemMailbox accounts
Summary: samba-tool user list should not list MS Exchange SystemMailbox accounts
Status: NEW
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Tools (show other bugs)
Version: 4.19.3
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Samba QA Contact
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-12-07 11:17 UTC by Björn Jacke
Modified: 2023-12-12 21:17 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Björn Jacke 2023-12-07 11:17:42 UTC
"samba-tool user list" is listing accounts like SystemMailbox accounts like SM_a8d665f997c345098 and HealthMailbox accounts like HealthMailboxb07af0b. Such accounts should not be listed by samba-tool user list.

SystemMailbox example:

dn: CN=SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c},CN=Users,DC=exch,DC=lan
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c}
sn: SystemMailbox bb558c35-97f1-4cb9-8ff7-d53741dc928c
instanceType: 4
whenCreated: 20230706042337.0Z
displayName: Microsoft Exchange
uSNCreated: 8621
proxyAddresses: SMTP:SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c}@exch.
 lan
submissionContLength: 1048576
mDBUseDefaults: FALSE
mailNickname: SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c}
name: SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c}
objectGUID: ba0cde66-a1b9-4a25-80d5-a70a02abe314
userAccountControl: 514
codePage: 0
countryCode: 0
pwdLastSet: 0
primaryGroupID: 513
objectSid: S-1-5-21-723170749-3602280816-508656540-1623
accountExpires: 9223372036854775807
sAMAccountName: SM_a8d665f997c345098
sAMAccountType: 805306368
legacyExchangeDN: /o=Pullheim Inc/ou=Exchange Administrative Group (FYDIBOHF23
 SPDLT)/cn=Recipients/cn=173949b23aa34463aa05cab5a803a2a5-SystemMailb
userPrincipalName: SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c}@exch.la
 n
objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=exch,DC=lan
msExchRequireAuthToSendTo: TRUE
mail: SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c}@exch.lan
msExchPoliciesIncluded: {26491cfc-9e50-4857-861b-0cb8df22b5d7}
msExchPoliciesIncluded: cf4f050c-160b-4b3b-b815-84ab5ba97aaa
msExchUMDtmfMap: firstNameLastName:7978366245269225582359731422983373537413292
 82
msExchUMDtmfMap: lastNameFirstName:7978366245269225582359731422983373537413292
 82
msExchUMDtmfMap: emailAddress:797836624526922558235973142298337353741329282
msExchRecipientDisplayType: 10
msExchELCMailboxFlags: 130
msExchVersion: 1126140425011200
msExchRecipientTypeDetails: 8388608
msExchUMEnabledFlags2: -1
msExchModerationFlags: 6
msExchTransportRecipientSettingsFlags: 0
msExchProvisioningFlags: 0
msExchTextMessagingState: 16842751
msExchTextMessagingState: 302120705
msExchArchiveQuota: 104857600
msExchArchiveWarnQuota: 94371840
msExchDumpsterQuota: 31457280
msExchDumpsterWarningQuota: 20971520
msExchWhenMailboxCreated: 20230706044715.0Z
msExchCapabilityIdentifiers: 40
msExchCapabilityIdentifiers: 42
msExchCapabilityIdentifiers: 43
msExchCapabilityIdentifiers: 44
msExchCapabilityIdentifiers: 47
msExchCapabilityIdentifiers: 51
msExchCapabilityIdentifiers: 52
msExchMailboxAuditEnable: FALSE
msExchMailboxAuditLogAgeLimit: 7776000
msExchBypassAudit: FALSE
msExchAddressBookFlags: 1
msExchRecipientSoftDeletedStatus: 0
msExchCalendarLoggingQuota: 6291456
msExchGroupSecurityFlags: 0
msExchHomeServerName: /o=Pullheim Inc/ou=Exchange Administrative Group (FYDIBO
 HF23SPDLT)/cn=Configuration/cn=Servers/cn=EX-SRV
msExchHideFromAddressLists: TRUE
msExchMailboxSecurityDescriptor: O:PSG:PSD:(A;CI;CCLCRC;;;PS)
msExchMasterAccountSid: S-1-5-10
msExchUserAccountControl: 2
msExchMailboxGuid:: K+mnmWQGZE2opt3SJGoz+A==
msExchMailboxFolderSet: 0
msExchOABGeneratingMailboxBL: CN=Default Offline Address Book,CN=Offline Addre
 ss Lists,CN=Address Lists Container,CN=Pullheim Inc,CN=Microsoft Exchange,CN=
 Services,CN=Configuration,DC=exch,DC=lan
msExchApprovalApplicationLink: CN=AutoGroup,CN=Approval Applications,CN=Pullhe
 im Inc,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=exch,DC=lan
msExchApprovalApplicationLink: CN=ModeratedRecipients,CN=Approval Applications
 ,CN=Pullheim Inc,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=exch,D
 C=lan
whenChanged: 20231207110720.0Z
msExchMailboxTemplateLink: CN=ArbitrationMailbox,CN=Retention Policies Contain
 er,CN=Pullheim Inc,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=exch
 ,DC=lan
homeMDB: CN=Mailbox Database 0458668364,CN=Databases,CN=Exchange Administrativ
 e Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Pullheim Inc,CN=Microso
 ft Exchange,CN=Services,CN=Configuration,DC=exch,DC=lan
uSNChanged: 9462
distinguishedName: CN=SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c},CN=U
 sers,DC=exch,DC=lan


HealthMailbox example

dn: CN=HealthMailboxb07af0bbc4664d4d941afe10a6834071,CN=Monitoring Mailboxes,CN=Microsoft Exchange System Objects,DC=exch,DC=lan
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: HealthMailboxb07af0bbc4664d4d941afe10a6834071
instanceType: 4
whenCreated: 20230706045723.0Z
displayName: HealthMailbox-ex-srv-001
uSNCreated: 8629
proxyAddresses: SIP:HealthMailboxb07af0bbc4664d4d941afe10a6834071@exch.lan
proxyAddresses: SMTP:HealthMailboxb07af0bbc4664d4d941afe10a6834071@exch.lan
garbageCollPeriod: 1209600
mDBUseDefaults: TRUE
mailNickname: HealthMailboxb07af0bbc4664d4d941afe10a6834071
protocolSettings:: UmVtb3RlUG93ZXJTaGVsbMKnMQ==
internetEncoding: 0
name: HealthMailboxb07af0bbc4664d4d941afe10a6834071
objectGUID: ee0a8e53-7abd-425c-a910-73c942253c9f
userAccountControl: 66048
codePage: 0
countryCode: 0
pwdLastSet: 133338708252210010
primaryGroupID: 513
objectSid: S-1-5-21-723170749-3602280816-508656540-1633
accountExpires: 9223372036854775807
sAMAccountName: HealthMailboxb07af0b
sAMAccountType: 805306368
showInAddressBook: CN=All Recipients(VLV),CN=All System Address Lists,CN=Addre
 ss Lists Container,CN=Pullheim Inc,CN=Microsoft Exchange,CN=Services,CN=Confi
 guration,DC=exch,DC=lan
legacyExchangeDN: /o=Pullheim Inc/ou=Exchange Administrative Group (FYDIBOHF23
 SPDLT)/cn=Recipients/cn=f8be1917eeed42129a78cfbd188be36f-HealthMailb
userPrincipalName: HealthMailboxb07af0bbc4664d4d941afe10a6834071@exch.lan
objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=exch,DC=lan
lastLogonTimestamp: 133338711869821430
mail: HealthMailboxb07af0bbc4664d4d941afe10a6834071@exch.lan
msExchPoliciesExcluded: {26491cfc-9e50-4857-861b-0cb8df22b5d7}
msExchUMDtmfMap: firstNameLastName:432584624526939778001
msExchUMDtmfMap: lastNameFirstName:432584624526939778001
msExchUMDtmfMap: emailAddress:432584624526920723022246643439412331026834071
msExchMDBRulesQuota: 256
msExchELCMailboxFlags: 2
msExchVersion: 88218628259840
msExchRecipientTypeDetails: 549755813888
msExchMobileMailboxFlags: 1
msExchUMEnabledFlags2: -1
msExchModerationFlags: 0
msExchTransportRecipientSettingsFlags: 0
msExchProvisioningFlags: 0
msExchTextMessagingState: 16842751
msExchTextMessagingState: 302120705
msExchArchiveName: In-Place Archive -HealthMailbox-ex-srv-001
msExchArchiveQuota: 104857600
msExchArchiveGUID:: L3UGayMerU6YMPfzZcHTCQ==
msExchArchiveWarnQuota: 94371840
msExchDumpsterQuota: 31457280
msExchDumpsterWarningQuota: 20971520
msExchWhenMailboxCreated: 20230706045722.0Z
msExchMailboxAuditEnable: FALSE
msExchMailboxAuditLogAgeLimit: 7776000
msExchBypassAudit: FALSE
msExchAddressBookFlags: 1
msExchRecipientSoftDeletedStatus: 0
msExchCalendarLoggingQuota: 6291456
msExchGroupSecurityFlags: 0
msExchHomeServerName: /o=Pullheim Inc/ou=Exchange Administrative Group (FYDIBO
 HF23SPDLT)/cn=Configuration/cn=Servers/cn=EX-SRV
msExchHideFromAddressLists: TRUE
msExchMailboxSecurityDescriptor: O:PSG:PSD:(A;CI;CCRC;;;PS)
msExchUserAccountControl: 0
msExchMailboxGuid:: 7mUczozDJUGo9Dnhx0XOjg==
msExchMailboxFolderSet: 0
msExchMailboxTemplateLink: CN=Default MRM Policy,CN=Retention Policies Contain
 er,CN=Pullheim Inc,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=exch
 ,DC=lan
whenChanged: 20231207110720.0Z
msExchRBACPolicyLink: CN=Default Role Assignment Policy,CN=Policies,CN=RBAC,CN
 =Pullheim Inc,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=exch,DC=l
 an
homeMDB: CN=Mailbox Database 0458668364,CN=Databases,CN=Exchange Administrativ
 e Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Pullheim Inc,CN=Microso
 ft Exchange,CN=Services,CN=Configuration,DC=exch,DC=lan
msExchArchiveDatabaseLink: CN=Mailbox Database 0458668364,CN=Databases,CN=Exch
 ange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Pullh
 eim Inc,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=exch,DC=lan
uSNChanged: 9454
distinguishedName: CN=HealthMailboxb07af0bbc4664d4d941afe10a6834071,CN=Monitor
 ing Mailboxes,CN=Microsoft Exchange System Objects,DC=exch,DC=lan
Comment 1 Douglas Bagnall 2023-12-12 21:17:41 UTC
> msExchHideFromAddressLists: TRUE

I suppose this is the one we want to consider.