diff options
author | Andrew Bartlett <abartlet@samba.org> | 2012-12-26 20:48:12 +1100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2013-01-10 14:52:56 +0100 |
commit | 5e0fcb04a48d96669ed4376bfa17f679e3582236 (patch) | |
tree | 0b453cef107490848a3f000e6da7ff64f63a919f | |
parent | c9d2ca585e198b1006bbf7f1a3c988c1188b66cb (diff) | |
download | samba-5e0fcb04a48d96669ed4376bfa17f679e3582236.tar.gz samba-5e0fcb04a48d96669ed4376bfa17f679e3582236.tar.bz2 samba-5e0fcb04a48d96669ed4376bfa17f679e3582236.zip |
s4-idmap: Remove requirement that posixAccount or posixGroup be set for rfc2307
This change matches the source3/idmap/idmap_ad.c code, and allows this
feature to work with only the setting of the UID/GID in Active
Directory Users and Computers.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
-rw-r--r-- | source4/winbind/idmap.c | 9 |
1 files changed, 3 insertions, 6 deletions
diff --git a/source4/winbind/idmap.c b/source4/winbind/idmap.c index a6cc88f827..3773c1de59 100644 --- a/source4/winbind/idmap.c +++ b/source4/winbind/idmap.c @@ -236,8 +236,7 @@ static NTSTATUS idmap_xid_to_sid(struct idmap_context *idmap_ctx, LDB_SCOPE_SUBTREE, sam_attrs, 0, "(&(|(sAMaccountType=%u)(sAMaccountType=%u)(sAMaccountType=%u))" - "(uidNumber=%u)(objectSid=*)" - "(|(objectClass=posixAccount)(objectClass=posixGroup)))", + "(uidNumber=%u)(objectSid=*))", ATYPE_ACCOUNT, ATYPE_WORKSTATION_TRUST, ATYPE_INTERDOMAIN_TRUST, unixid->id); } else { /* If we are not to use the rfc2307 attributes, we just emulate a non-match */ @@ -274,8 +273,7 @@ static NTSTATUS idmap_xid_to_sid(struct idmap_context *idmap_ctx, ldb_get_default_basedn(idmap_ctx->samdb), LDB_SCOPE_SUBTREE, sam_attrs, 0, - "(&(|(sAMaccountType=%u)(sAMaccountType=%u))(gidNumber=%u)" - "(|(objectClass=posixAccount)(objectClass=posixGroup)))", + "(&(|(sAMaccountType=%u)(sAMaccountType=%u))(gidNumber=%u))", ATYPE_SECURITY_GLOBAL_GROUP, ATYPE_SECURITY_LOCAL_GROUP, unixid->id); } else { @@ -439,8 +437,7 @@ static NTSTATUS idmap_sid_to_xid(struct idmap_context *idmap_ctx, "(&(objectSid=%s)" "(|(sAMaccountType=%u)(sAMaccountType=%u)(sAMaccountType=%u)" "(sAMaccountType=%u)(sAMaccountType=%u))" - "(|(uidNumber=*)(gidNumber=*))" - "(|(objectClass=posixAccount)(objectClass=posixGroup)))", + "(|(uidNumber=*)(gidNumber=*)))", dom_sid_string(tmp_ctx, sid), ATYPE_ACCOUNT, ATYPE_WORKSTATION_TRUST, ATYPE_INTERDOMAIN_TRUST, ATYPE_SECURITY_GLOBAL_GROUP, ATYPE_SECURITY_LOCAL_GROUP); |