summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2002-11-15 17:57:21 +0000
committerGerald Carter <jerry@samba.org>2002-11-15 17:57:21 +0000
commit0899eed4ab161030732f61988f55b0879de5c5ad (patch)
treedbc542e2324a9d274ea15b522f11231503d7d618
parent11ca8cb42f8977a3ed088dfe9e3072e99dfe091d (diff)
downloadsamba-0899eed4ab161030732f61988f55b0879de5c5ad.tar.gz
samba-0899eed4ab161030732f61988f55b0879de5c5ad.tar.bz2
samba-0899eed4ab161030732f61988f55b0879de5c5ad.zip
enable enumeration of domain local groups using LDAP (and in a native mode domain)
(This used to be commit ff4b2411d146b72f5f578b2e78701f125fec8f08)
-rw-r--r--source3/nsswitch/winbindd_ads.c35
1 files changed, 30 insertions, 5 deletions
diff --git a/source3/nsswitch/winbindd_ads.c b/source3/nsswitch/winbindd_ads.c
index abdb4f9ef6..709b134c45 100644
--- a/source3/nsswitch/winbindd_ads.c
+++ b/source3/nsswitch/winbindd_ads.c
@@ -204,6 +204,7 @@ static NTSTATUS enum_dom_groups(struct winbindd_domain *domain,
void *res = NULL;
void *msg = NULL;
NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
+ uint32 group_flags;
*num_entries = 0;
@@ -231,6 +232,10 @@ static NTSTATUS enum_dom_groups(struct winbindd_domain *domain,
}
i = 0;
+
+ group_flags = ATYPE_GLOBAL_GROUP;
+ if ( domain->native_mode )
+ group_flags |= ATYPE_LOCAL_GROUP;
for (msg = ads_first_entry(ads, res); msg; msg = ads_next_entry(ads, msg)) {
char *name, *gecos;
@@ -238,10 +243,9 @@ static NTSTATUS enum_dom_groups(struct winbindd_domain *domain,
uint32 rid;
uint32 account_type;
- if (!ads_pull_uint32(ads, msg, "sAMAccountType",
- &account_type) ||
- !(account_type & ATYPE_GLOBAL_GROUP)) continue;
-
+ if (!ads_pull_uint32(ads, msg, "sAMAccountType", &account_type) || !(account_type & group_flags) )
+ continue;
+
name = ads_pull_username(ads, mem_ctx, msg);
gecos = ads_pull_string(ads, mem_ctx, msg, "name");
if (!ads_pull_sid(ads, msg, "objectSid", &sid)) {
@@ -272,6 +276,27 @@ done:
return status;
}
+/* list all domain local groups */
+static NTSTATUS enum_local_groups(struct winbindd_domain *domain,
+ TALLOC_CTX *mem_ctx,
+ uint32 *num_entries,
+ struct acct_info **info)
+{
+ /*
+ * This is a stub function only as we returned the domain
+ * ocal groups in enum_dom_groups() if the domain->native field
+ * was true. This is a simple performance optimization when
+ * using LDAP.
+ *
+ * if we ever need to enumerate domain local groups separately,
+ * then this the optimization in enum_dom_groups() will need
+ * to be split out
+ */
+ *num_entries = 0;
+
+ return NT_STATUS_OK;
+}
+
/* convert a single name to a sid in a domain */
static NTSTATUS name_to_sid(struct winbindd_domain *domain,
const char *name,
@@ -675,7 +700,7 @@ struct winbindd_methods ads_methods = {
True,
query_user_list,
enum_dom_groups,
- NULL,
+ enum_local_groups,
name_to_sid,
sid_to_name,
query_user,