Bug 2592 - End-user who creates session with samba server will preserve AD settings and permissions
Summary: End-user who creates session with samba server will preserve AD settings and ...
Status: RESOLVED WONTFIX
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: winbind (show other bugs)
Version: 3.0.10
Hardware: x86 Windows 2000
: P3 normal
Target Milestone: none
Assignee: Samba Bugzilla Account
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2005-04-11 09:23 UTC by slava
Modified: 2005-09-29 09:04 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description slava 2005-04-11 09:23:12 UTC
End-user AD settings and permissions, which created session with Samba server, 
will be preserved and unchanged until the end of the openned session. Thus 
removing or adding user to/from Print Admin group in AD will not effect a user, 
if created session with Samba server. 

Steps to reproduce:
Configure print server and register it to AD. 
User, that defined in Admin group, browses to samba server by its NetBIOS name.
Verify that user can act as administrator (for example upload printer drivers)
In AD remove user from Admin group.
User still can acts like as admin.

Only when logged off from win machine or samba server restarted, new user's 
permissions will be updated.
Comment 1 Gerald (Jerry) Carter (dead mail address) 2005-09-29 09:04:35 UTC
this is by design.  The token is created at logon time.