A script to compare the differences in nTSecurityDescriptor between 2 hosts
This script walks the schema, configuration and domain partitions of the locally
installed Ldb and a remote hosts and compares the descriptors disregarding the
difference in domain SID. The goal is to make sure a freshly provisioned Samba
has the correct descriptors so ACLs work correctly. It outputs the descriptors
in short SDDL, where the correct SIDs are to be replaced during provisioning.
Optionally it can be output as an LDIF file with the current local domain and
domain SIDs.
git.samba.org / amitay / samba.git / commit