diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2003-05-07 08:21:06 +0000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2003-05-07 08:21:06 +0000 |
| commit | 3eeb40f9b54a4a48a4860a498991fd78274b44cf (patch) | |
| tree | 3e19c74445156d951e0473692c20d6e78cd7ca5a | |
| parent | f99e253e6a222e06cb412b64395c96f9bc42e551 (diff) | |
| download | samba-3eeb40f9b54a4a48a4860a498991fd78274b44cf.tar.gz samba-3eeb40f9b54a4a48a4860a498991fd78274b44cf.tar.bz2 samba-3eeb40f9b54a4a48a4860a498991fd78274b44cf.zip | |
Set our 'global sam name' in one place. For domain controllers, this is
lp_workgroup(), for all other server this is global_myname().
This is the name of the domain for accounts on *this* system, and getting
this wrong caused interesting bugs with 'take ownership' on member servers
and standalone servers at Snap.
(They lookup the username that they got, then convert that to a SID - but
becouse the domain out of the smbpasswd entry was wrong, we would fail the
lookup).
Andrew Bartlett
(This used to be commit 5fc78eba20411f3f5a8ccadfcba5c4ab73180dba)
| -rw-r--r-- | source3/passdb/passdb.c | 14 | ||||
| -rw-r--r-- | source3/passdb/pdb_ldap.c | 2 | ||||
| -rw-r--r-- | source3/passdb/pdb_smbpasswd.c | 2 | ||||
| -rw-r--r-- | source3/rpc_server/srv_lsa_nt.c | 23 | ||||
| -rw-r--r-- | source3/rpc_server/srv_samr_nt.c | 9 |
5 files changed, 15 insertions, 35 deletions
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index bbccb86d82..c3afcbc7d9 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -26,11 +26,13 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_PASSDB -/* - * This is set on startup - it defines the SID for this - * machine, and therefore the SAM database for which it is - * responsible. - */ +const char *get_global_sam_name() +{ + if ((lp_server_role() == ROLE_DOMAIN_PDC) || (lp_server_role() == ROLE_DOMAIN_BDC)) { + return lp_workgroup(); + } + return global_myname(); +} /************************************************************ Fill the SAM_ACCOUNT with default values. @@ -182,7 +184,7 @@ NTSTATUS pdb_fill_sam_pw(SAM_ACCOUNT *sam_account, const struct passwd *pwd) pdb_set_unix_homedir(sam_account, pwd->pw_dir, PDB_SET); - pdb_set_domain (sam_account, lp_workgroup(), PDB_DEFAULT); + pdb_set_domain (sam_account, get_global_sam_name(), PDB_DEFAULT); pdb_set_uid(sam_account, pwd->pw_uid, PDB_SET); pdb_set_gid(sam_account, pwd->pw_gid, PDB_SET); diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index 4abc7b569c..021b2e621e 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -3144,7 +3144,7 @@ static NTSTATUS pdb_init_ldapsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_met ldap_state->uri = "ldap://localhost"; } - ldap_state->domain_name = talloc_strdup(pdb_context->mem_ctx, lp_workgroup()); + ldap_state->domain_name = talloc_strdup(pdb_context->mem_ctx, get_global_sam_name()); if (!ldap_state->domain_name) { return NT_STATUS_NO_MEMORY; } diff --git a/source3/passdb/pdb_smbpasswd.c b/source3/passdb/pdb_smbpasswd.c index cd66cf269c..cfbb37ce91 100644 --- a/source3/passdb/pdb_smbpasswd.c +++ b/source3/passdb/pdb_smbpasswd.c @@ -1215,7 +1215,7 @@ static BOOL build_sam_account(struct smbpasswd_privates *smbpasswd_state, */ pdb_set_group_sid_from_rid (sam_pass, DOMAIN_GROUP_RID_USERS, PDB_SET); pdb_set_username (sam_pass, pw_buf->smb_name, PDB_SET); - pdb_set_domain (sam_pass, lp_workgroup(), PDB_DEFAULT); + pdb_set_domain (sam_pass, get_global_sam_name(), PDB_DEFAULT); } else { DEBUG(0,("build_sam_account: smbpasswd database is corrupt! username %s with uid %u is not in unix passwd database!\n", pw_buf->smb_name, pw_buf->smb_userid)); diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index e7e13d7a84..2a24d7faa5 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -547,7 +547,7 @@ NTSTATUS _lsa_query_info(pipes_struct *p, LSA_Q_QUERY_INFO *q_u, LSA_R_QUERY_INF switch (lp_server_role()) { case ROLE_DOMAIN_PDC: case ROLE_DOMAIN_BDC: - name = lp_workgroup(); + name = get_global_sam_name(); sid = get_global_sam_sid(); break; case ROLE_DOMAIN_MEMBER: @@ -573,23 +573,8 @@ NTSTATUS _lsa_query_info(pipes_struct *p, LSA_Q_QUERY_INFO *q_u, LSA_R_QUERY_INF return NT_STATUS_ACCESS_DENIED; /* Request PolicyAccountDomainInformation. */ - switch (lp_server_role()) { - case ROLE_DOMAIN_PDC: - case ROLE_DOMAIN_BDC: - name = lp_workgroup(); - sid = get_global_sam_sid(); - break; - case ROLE_DOMAIN_MEMBER: - name = global_myname(); - sid = get_global_sam_sid(); - break; - case ROLE_STANDALONE: - name = global_myname(); - sid = get_global_sam_sid(); - break; - default: - return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; - } + name = get_global_sam_name(); + sid = get_global_sam_sid(); init_dom_query(&r_u->dom.id5, name, sid); break; case 0x06: @@ -1240,7 +1225,7 @@ NTSTATUS _lsa_query_info2(pipes_struct *p, LSA_Q_QUERY_INFO2 *q_u, LSA_R_QUERY_I switch (lp_server_role()) { case ROLE_DOMAIN_PDC: case ROLE_DOMAIN_BDC: - nb_name = lp_workgroup(); + nb_name = get_global_sam_name(); /* ugly temp hack for these next two */ /* This should be a 'netbios domain -> DNS domain' mapping */ diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 62d5f8ab0c..970756d47c 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -2575,14 +2575,7 @@ NTSTATUS _samr_enum_domains(pipes_struct *p, SAMR_Q_ENUM_DOMAINS *q_u, SAMR_R_EN return r_u->status; } - switch (lp_server_role()) { - case ROLE_DOMAIN_PDC: - case ROLE_DOMAIN_BDC: - name = lp_workgroup(); - break; - default: - name = global_myname(); - } + name = get_global_sam_name(); fstrcpy(dom[0],name); strupper(dom[0]); |