885 – 'admin users' are not allowed to login to share, Wrong token when accessing share

Bug 885 - 'admin users' are not allowed to login to share, Wrong token when accessing share

Summary: 'admin users' are not allowed to login to share, Wrong token when accessing s...

Status:	RESOLVED WONTFIX

Alias:	None

Product:	Samba 3.0
Classification:	Unclassified
Component:	Config Files (show other bugs)
Version:	3.0.0
Hardware:	All Linux

Importance:	P3 major
Target Milestone:	none
Assignee:	Samba Bugzilla Account
QA Contact:

URL:
Keywords:

Depends on:
Blocks:

Reported:	2003-12-14 06:25 UTC by Ralf Spenneberg
Modified:	2005-02-08 21:42 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ralf Spenneberg 2003-12-14 06:25:47 UTC

When using 
admin users = '@DOM+Domain Admins'

and adding a user of this group with full access to a share (using WinNT Server
Manager) the user may not access the share.
Error message:
denied due to security descriptor.

Volker Lendecke provided the following explaination:
The list of SIDs is generated twice. During Session Setup and while accessing
the share. During Session Setup everything is fine. Later the UID is replaced by
0. While accessing the share a new token is generated. This time the wrong RID
is used.

Comment 1 Gerald (Jerry) Carter (dead mail address) 2005-02-08 21:42:20 UTC

probably not going fix this in Samba 3.