diff options
author | Gerald Carter <jerry@samba.org> | 2006-03-15 17:40:28 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 11:15:31 -0500 |
commit | 41a0da4cfc3e0bb37b81ea22fc2eb15aa89298e1 (patch) | |
tree | 5612ee2ec5ee5513c9ee75d04d143465c5e91a74 | |
parent | c17e40be33322049c3a12915790b8a149eb8c10e (diff) | |
download | samba-41a0da4cfc3e0bb37b81ea22fc2eb15aa89298e1.tar.gz samba-41a0da4cfc3e0bb37b81ea22fc2eb15aa89298e1.tar.bz2 samba-41a0da4cfc3e0bb37b81ea22fc2eb15aa89298e1.zip |
r14457: Add a few more special cases for RID 513 in the samr code.
Now that I know what all the requirements for this group are
I can generalize the code some more and make it cleaner.
But at least this is working with lusrmgr.msc on XP and 2k now.
(This used to be commit d2c1842978cd50485849bfc4fb6d94767d96cab0)
-rw-r--r-- | source3/groupdb/mapping.c | 18 | ||||
-rw-r--r-- | source3/passdb/passdb.c | 12 | ||||
-rw-r--r-- | source3/passdb/pdb_interface.c | 22 |
3 files changed, 49 insertions, 3 deletions
diff --git a/source3/groupdb/mapping.c b/source3/groupdb/mapping.c index 04471f9d43..830584979b 100644 --- a/source3/groupdb/mapping.c +++ b/source3/groupdb/mapping.c @@ -814,8 +814,24 @@ BOOL get_domain_group_from_sid(DOM_SID sid, GROUP_MAP *map) ret = pdb_getgrsid(map, sid); unbecome_root(); - if ( !ret ) + /* special case check for rid 513 */ + + if ( !ret ) { + uint32 rid; + + sid_peek_rid( &sid, &rid ); + + if ( rid == DOMAIN_GROUP_RID_USERS ) { + fstrcpy( map->nt_name, "None" ); + fstrcpy( map->comment, "Ordinary Users" ); + sid_copy( &map->sid, &sid ); + map->sid_name_use = SID_NAME_DOM_GRP; + + return True; + } + return False; + } DEBUG(10, ("get_domain_group_from_sid: SID found in the TDB\n")); diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index d795888180..876f04bdfe 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -548,6 +548,18 @@ BOOL lookup_global_sam_name(const char *user, int flags, uint32_t *rid, { GROUP_MAP map; BOOL ret; + + /* Windows treats "MACHINE\None" as a special name for + rid 513 on non-DCs. You cannot create a user or group + name "None" on Windows. You will get an error that + the group already exists. */ + + if ( strequal( user, "None" ) ) { + *rid = DOMAIN_GROUP_RID_USERS; + *type = SID_NAME_DOM_GRP; + + return True; + } /* LOOKUP_NAME_GROUP is a hack to allow valid users = @foo to work * correctly in the case where foo also exists as a user. If the flag diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 4061e7b5db..82890fee2d 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -734,13 +734,31 @@ NTSTATUS pdb_enum_group_members(TALLOC_CTX *mem_ctx, size_t *p_num_members) { struct pdb_methods *pdb = pdb_get_methods(); + NTSTATUS result; if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; } - return pdb->enum_group_members(pdb, mem_ctx, sid, - pp_member_rids, p_num_members); + result = pdb->enum_group_members(pdb, mem_ctx, + sid, pp_member_rids, p_num_members); + + /* special check for rid 513 */ + + if ( !NT_STATUS_IS_OK( result ) ) { + uint32 rid; + + sid_peek_rid( sid, &rid ); + + if ( rid == DOMAIN_GROUP_RID_USERS ) { + *p_num_members = 0; + *pp_member_rids = NULL; + + return NT_STATUS_OK; + } + } + + return result; } NTSTATUS pdb_enum_group_memberships(TALLOC_CTX *mem_ctx, struct samu *user, |