Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: root access for ALL windows users (update)

No, but I did ask that. In fact, all of us changed our passwords today to make sure.

The reboot fix is what puzzles me now. After a reboot, everything went back to normal. That tells me that it wasn't an error on some admins part. (which I looked heavily into yesterday and last night) If something like that was wrong, the reboot would not have fixed it.

My concern is that if Samba breaks, I would hope it would remove all access as opposed to granting full access to everyone. It seems like a strange default behavior. What's scarier is that I'll never know when it breaks because nobody will call with trouble accessing files. I'll have to test it constantly now.
I couldn't find mention of this on the Samba archives so it sounds pretty rare.

I had my logs turned up pretty high because it's a new server. The bad part about that is it's hard to week through all of this to find out if anything specific happened or if Samba just choked.

By the way, all of our admins are being removed from Domain Admin status. (in net groupmap) We'll have a single user that handles adding machines to the domain for a while until we figure out what happened.




Tim David
Senior Systems Administrator
University of Central Florida
College of Education
email@hidden
(407) 823-1783


On Oct 27, 2004, at 7:59 PM, Dan Shoop wrote:

At 4:38 PM -0400 10/27/04, Tim David wrote:
I've been trying to go through the logs to figure out what is happening. I came across several strange things. One that especially stood out is this one.

[2004/10/27 16:26:13, 0] /SourceCache/samba/samba-56/samba/source/lib/substitute.c: alloc_sub_basic(500)
alloc_sub_basic: NULL source string! This should not happen

There are also numerous mentions of user succesfully logged in using dsAuthMethodStandard
followed a few lines later by this line

[2004/10/27 16:34:52, 0] /SourceCache/samba/samba-56/samba/source/smbd/service.c: set_admin_user(321)
test1 logged in as admin user (root privileges)

It is basically mapping all of my Windows users to root users.
Anyone ever seen this?

Please tell me that one of your admins haven't assigned themselves an empty password?
--

-dhan

----------------------------------------------------------------------- -
Dan Shoop email@hidden
Consulting Internet Architect email@hidden
AIM: iWiring http://www.iwiring.net/
Skype: danshoop http://www.ustsvs.com/

pgp key fingerprint: FAC0 9434 B5A5 24A8 D0AF  12B1 7840 3BE7 3736 DE0B

iWiring designs and supports Internet systems and networks based on
Mac OS X, unix, and Open Source application technologies and offers
24x7, guaranteed support to registered clients, at affordable rates.


_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden

This email sent to email@hidden
References: 
 >Read/Write for ALL windows users (From: Tim David <email@hidden>)
 >Re: root access for ALL windows users (update) (From: Tim David <email@hidden>)
 >Re: root access for ALL windows users (update) (From: Dan Shoop <email@hidden>)



Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2007 Apple Inc. All rights reserved.