r13791: Having S-1-1-0 show up in winbind lookupsid does not really make sense.

Volker
(This used to be commit ae9614ce019e25fb29dad8429d93f3140c2f84ad)

2 files changed, 18 insertions, 3 deletions

diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
index 3d1805525a..942d277178 100644
--- a/source3/passdb/lookup_sid.c
+++ b/source3/passdb/lookup_sid.c
@@ -1191,9 +1191,13 @@ BOOL sid_to_gid(const DOM_SID *psid, gid_t *pgid)
 		goto done;
 	}
 
-	if (sid_check_is_in_builtin(psid) && pdb_getgrsid(&map, *psid)) {
-		*pgid = map.gid;
-		goto done;
+	if ((sid_check_is_in_builtin(psid) ||
+	     sid_check_is_in_wellknown_domain(psid))) {
+		if (pdb_getgrsid(&map, *psid)) {
+			*pgid = map.gid;
+			goto done;
+		}
+		return False;
 	}
 
 	if (sid_peek_check_rid(get_global_sam_sid(), psid, &rid)) {
diff --git a/source3/passdb/util_wellknown.c b/source3/passdb/util_wellknown.c
index be3cf37446..9a6fa7def5 100644
--- a/source3/passdb/util_wellknown.c
+++ b/source3/passdb/util_wellknown.c
@@ -85,6 +85,17 @@ BOOL sid_check_is_wellknown_domain(const DOM_SID *sid, const char **name)
 	return False;
 }
 
+BOOL sid_check_is_in_wellknown_domain(const DOM_SID *sid)
+{
+	DOM_SID dom_sid;
+	uint32 rid;
+
+	sid_copy(&dom_sid, sid);
+	sid_split_rid(&dom_sid, &rid);
+	
+	return sid_check_is_wellknown_domain(&dom_sid, NULL);
+}
+
 /**************************************************************************
  Looks up a known username from one of the known domains.
 ***************************************************************************/