summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2007-04-04 02:57:01 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:19:09 -0500
commit3bdd0e3650abf95dfb4ba133aa9f47f5f1088f8c (patch)
tree19e1faceb230130d8954171856b5e532a5e713ee
parent97e3cb896f284ba5330ad834a821a3a227e9abe4 (diff)
downloadsamba-3bdd0e3650abf95dfb4ba133aa9f47f5f1088f8c.tar.gz
samba-3bdd0e3650abf95dfb4ba133aa9f47f5f1088f8c.tar.bz2
samba-3bdd0e3650abf95dfb4ba133aa9f47f5f1088f8c.zip
r22066: Ensure that winbind can resolve SIDs in the S-1-22-{1,2}
domain to a uid.gid using the idmap_passdb backend. (This used to be commit fc1aeee52d8cb6c8d5d306dbbec18127bd2674bc)
-rw-r--r--source3/nsswitch/idmap.c4
-rw-r--r--source3/passdb/pdb_interface.c22
2 files changed, 24 insertions, 2 deletions
diff --git a/source3/nsswitch/idmap.c b/source3/nsswitch/idmap.c
index c2a38fa979..104be86777 100644
--- a/source3/nsswitch/idmap.c
+++ b/source3/nsswitch/idmap.c
@@ -689,7 +689,9 @@ static struct idmap_domain* find_idmap_domain_from_sid( DOM_SID *account_sid )
if ( (pdb_dom_num != -1) &&
(sid_check_is_in_builtin(account_sid) ||
- sid_check_is_in_wellknown_domain(account_sid)) )
+ sid_check_is_in_wellknown_domain(account_sid) ||
+ sid_check_is_in_unix_groups(account_sid) ||
+ sid_check_is_in_unix_users(account_sid)) )
{
return idmap_domains[pdb_dom_num];
}
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c
index e0b9086f9c..387e3fecde 100644
--- a/source3/passdb/pdb_interface.c
+++ b/source3/passdb/pdb_interface.c
@@ -1305,6 +1305,26 @@ static BOOL pdb_default_sid_to_id(struct pdb_methods *methods,
goto done;
}
+ /* check for "Unix User" */
+
+ if ( sid_peek_check_rid(&global_sid_Unix_Users, sid, &rid) ) {
+ id->uid = rid;
+ *type = SID_NAME_USER;
+ ret = True;
+ goto done;
+ }
+
+ /* check for "Unix User" */
+
+ if ( sid_peek_check_rid(&global_sid_Unix_Groups, sid, &rid) ) {
+ id->gid = rid;
+ *type = SID_NAME_ALIAS;
+ ret = True;
+ goto done;
+ }
+
+ /* BUILTIN */
+
if (sid_check_is_in_builtin(sid) ||
sid_check_is_in_wellknown_domain(sid)) {
/* Here we only have aliases */
@@ -1328,7 +1348,7 @@ static BOOL pdb_default_sid_to_id(struct pdb_methods *methods,
goto done;
}
- DEBUG(5, ("Sid %s is neither ours nor builtin, don't know it\n",
+ DEBUG(5, ("Sid %s is neither ours, a Unix SID, nor builtin\n",
sid_string_static(sid)));
done: