Bug 7710 - patch Restricting userlistings
Summary: patch Restricting userlistings
Status: NEW
Alias: None
Product: Samba 3.5
Classification: Unclassified
Component: User & Group Accounts (show other bugs)
Version: unspecified
Hardware: All All
: P3 enhancement
Target Milestone: ---
Assignee: Samba Bugzilla Account
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-10-04 05:22 UTC by Néher Márton
Modified: 2010-10-04 05:23 UTC (History)
0 users

See Also:

Attachments
This patch implements restricted userlistings in queryinfo RPC. Response contains only users in the querier's primary group. (12.74 KB, patch)
2010-10-04 05:23 UTC, Néher Márton 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Néher Márton 2010-10-04 05:22:29 UTC 
If you are serving different users with one samba, users can see the other customers users when granting ACLs (rpc displayinfo queries).
Comment 1 Néher Márton 2010-10-04 05:23:56 UTC 
Created attachment 5996 [details]
This patch implements restricted userlistings in queryinfo RPC. Response contains only users in the querier's primary group.

Modifications to implement restricted user listing. You can use restrictions only with LDAP backend.  If ldap restrictions are switched on users can see users in thei primary groups and ther primary groups if they are trying to grant ACLs on windows. This is good for anybody who is serving different customers with one samba, and don't want them to  see each others users.