Bug 2592 - End-user who creates session with samba server will preserve AD settings and permissions
End-user who creates session with samba server will preserve AD settings and ...
Status: RESOLVED WONTFIX
Product: Samba 3.0
Classification: Unclassified
Component: winbind
3.0.10
x86 Windows 2000
: P3 normal
: none
Assigned To: Samba Bugzilla Account
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2005-04-11 09:23 UTC by slava
Modified: 2005-09-29 09:04 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description slava 2005-04-11 09:23:12 UTC
End-user AD settings and permissions, which created session with Samba server, 
will be preserved and unchanged until the end of the openned session. Thus 
removing or adding user to/from Print Admin group in AD will not effect a user, 
if created session with Samba server. 

Steps to reproduce:
Configure print server and register it to AD. 
User, that defined in Admin group, browses to samba server by its NetBIOS name.
Verify that user can act as administrator (for example upload printer drivers)
In AD remove user from Admin group.
User still can acts like as admin.

Only when logged off from win machine or samba server restarted, new user's 
permissions will be updated.
Comment 1 Gerald (Jerry) Carter 2005-09-29 09:04:35 UTC
this is by design.  The token is created at logon time.