summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2005-06-10 03:26:39 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 10:57:09 -0500
commit1dfe111a09ea269d84b10743ad9c2a4e335d7c88 (patch)
tree8ba6696814a25aaf1dfc838d91dfc8ca06273abb
parent6d39f3bdce5ba8ed7d88a430a2de9f96d4b2c513 (diff)
downloadsamba-1dfe111a09ea269d84b10743ad9c2a4e335d7c88.tar.gz
samba-1dfe111a09ea269d84b10743ad9c2a4e335d7c88.tar.bz2
samba-1dfe111a09ea269d84b10743ad9c2a4e335d7c88.zip
r7454: couple of winbindd fixes
* make sure to use our domain as the account name in the net_req_auth2() request when running on a Samba DC * make sure to lookup the correct domain (not default to ours) when getting an async getpwnam() call (This used to be commit c9c3e3c122a6a04847c448d298b6f1adb4f35a60)
Diffstat
-rw-r--r--source3/nsswitch/winbindd.c2
-rw-r--r--source3/nsswitch/winbindd_cm.c14
-rw-r--r--source3/nsswitch/winbindd_pam.c2
-rw-r--r--source3/nsswitch/winbindd_user.c8
4 files changed, 17 insertions, 9 deletions
diff --git a/source3/nsswitch/winbindd.c b/source3/nsswitch/winbindd.c
index c3a27a7deb..a13a293e7a 100644
--- a/source3/nsswitch/winbindd.c
+++ b/source3/nsswitch/winbindd.c
@@ -252,7 +252,7 @@ static struct winbindd_dispatch_table dispatch_table[] = {
/* PAM auth functions */
{ WINBINDD_PAM_AUTH, winbindd_pam_auth, "PAM_AUTH" },
- { WINBINDD_PAM_AUTH_CRAP, winbindd_crap_auth, "AUTH_CRAP" },
+ { WINBINDD_PAM_AUTH_CRAP, winbindd_pam_auth_crap, "AUTH_CRAP" },
{ WINBINDD_PAM_CHAUTHTOK, winbindd_pam_chauthtok, "CHAUTHTOK" },
/* Enumeration functions */
diff --git a/source3/nsswitch/winbindd_cm.c b/source3/nsswitch/winbindd_cm.c
index a6f09f4bf2..6400b23f9f 100644
--- a/source3/nsswitch/winbindd_cm.c
+++ b/source3/nsswitch/winbindd_cm.c
@@ -1158,9 +1158,17 @@ NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain,
generate_random_buffer(clnt_chal.data, 8);
server_name = talloc_asprintf(mem_ctx, "\\\\%s", domain->dcname);
- account_name = talloc_asprintf(mem_ctx, "%s$",
- domain->primary ?
- global_myname() : domain->name);
+
+ /* if we are a DC and this is a trusted domain, then we need to use our
+ domain name in the net_req_auth2() request */
+
+ if ( IS_DC ) {
+ account_name = talloc_asprintf( mem_ctx, "%s$", lp_workgroup() );
+ }
+ else {
+ account_name = talloc_asprintf(mem_ctx, "%s$",
+ domain->primary ? global_myname() : domain->name);
+ }
if ((server_name == NULL) || (account_name == NULL))
return NT_STATUS_NO_MEMORY;
diff --git a/source3/nsswitch/winbindd_pam.c b/source3/nsswitch/winbindd_pam.c
index 97dc35c0e7..47affa66fb 100644
--- a/source3/nsswitch/winbindd_pam.c
+++ b/source3/nsswitch/winbindd_pam.c
@@ -500,7 +500,7 @@ done:
Challenge Response Authentication Protocol
**********************************************************************/
-enum winbindd_result winbindd_crap_auth(struct winbindd_cli_state *state)
+enum winbindd_result winbindd_pam_auth_crap(struct winbindd_cli_state *state)
{
struct winbindd_domain *domain = NULL;
const char *domain_name = NULL;
diff --git a/source3/nsswitch/winbindd_user.c b/source3/nsswitch/winbindd_user.c
index d192793993..d8d7dbb502 100644
--- a/source3/nsswitch/winbindd_user.c
+++ b/source3/nsswitch/winbindd_user.c
@@ -324,7 +324,7 @@ enum winbindd_result winbindd_getpwnam(struct winbindd_cli_state *state)
/* Get info for the domain */
- domain = find_lookup_domain_from_name(domname);
+ domain = find_domain_from_name(domname);
if (domain == NULL) {
DEBUG(7, ("could not find domain entry for domain %s\n",
@@ -332,9 +332,9 @@ enum winbindd_result winbindd_getpwnam(struct winbindd_cli_state *state)
return WINBINDD_ERROR;
}
- if ( domain->primary && lp_winbind_trusted_domains_only()) {
- DEBUG(7,("winbindd_getpwnam: My domain -- rejecting "
- "getgroups() for %s\\%s.\n", domname, username));
+ if ( strequal(domname, lp_workgroup()) && lp_winbind_trusted_domains_only() ) {
+ DEBUG(7,("winbindd_getpwnam: My domain -- rejecting getpwnam() for %s\\%s.\n",
+ domname, username));
return WINBINDD_ERROR;
}
generated by cgit (git 2.34.1) at 2024-08-20 18:57:32 +0000