Bug 3047 - "smbldap_open: cannot access LDAP when not root.." when trying to manage users/groups via NT Groupmanager
"smbldap_open: cannot access LDAP when not root.." when trying to manage user...
Status: RESOLVED FIXED
Product: Samba 3.0
Classification: Unclassified
Component: User/Group Accounts
3.0.14a
x86 Linux
: P3 normal
: none
Assigned To: Samba Bugzilla Account
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2005-08-26 13:56 UTC by Christian "Xtra" Schiffler
Modified: 2005-09-01 14:39 UTC (History)
1 user (show)

See Also:


Attachments
Log excerpt from smbd.log with loglevel 10 describing the bug (11.09 KB, text/plain)
2005-08-26 13:58 UTC, Christian "Xtra" Schiffler
no flags Details
add necessary priviliege checks around setting group and alias attributes (2.09 KB, patch)
2005-09-01 14:38 UTC, Gerald (Jerry) Carter
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Christian "Xtra" Schiffler 2005-08-26 13:56:35 UTC
Reproduced on version 3.0.14a.

How to reproduce: Open NT User/Group Manager and try to add an user to an group.

System environment is an system that has all users and groups (except for root
and demon users/groups) stored in LDAP Database for domain wide login.

The System is an x86 1ghz with 512MB Ram running kernel 2.6.12.4 (selfcompiled
from vanilla source).
Log with loglevel 10 will get attached.

I added this bug before to https://bugzilla.samba.org/show_bug.cgi?id=281
because the error message seemed to be the same, but Gerald told me that it is 
a new one. I'm still not sure if this rather belongs to Domain Control or
User/Group Accounts... I stick to the latter one.
Comment 1 Christian "Xtra" Schiffler 2005-08-26 13:58:51 UTC
Created attachment 1408 [details]
Log excerpt from smbd.log with loglevel 10 describing the bug
Comment 2 Gerald (Jerry) Carter 2005-08-30 04:46:00 UTC
Thanks CHristian.  Any chance of testing 3.0.20 to see if the 
bug still exists?
Comment 3 Gerald (Jerry) Carter 2005-09-01 14:38:10 UTC
Created attachment 1411 [details]
add necessary priviliege checks around setting group and alias attributes
Comment 4 Gerald (Jerry) Carter 2005-09-01 14:39:01 UTC
Should be fixed by8 this patch.  Will check it into the SAMBA_3_0 after
some more review.  Thanks to John Janosik <jpjanosi@us.ibm.com> for 
pointing out the error.