summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2002-01-26 10:10:25 +0000
committerAndrew Bartlett <abartlet@samba.org>2002-01-26 10:10:25 +0000
commit670f46fd4c6ef8eb338284c820f8560bcece095a (patch)
tree2cf14a5127ecd046cb0c02dfefd2100ff7b34545
parent84ce7ec0a4e84255bae7591c8b9214d59a75ab93 (diff)
downloadsamba-670f46fd4c6ef8eb338284c820f8560bcece095a.tar.gz
samba-670f46fd4c6ef8eb338284c820f8560bcece095a.tar.bz2
samba-670f46fd4c6ef8eb338284c820f8560bcece095a.zip
Bring this code into line with new winbind_lookup_name() interface. I think
this might need a bit more work - or at least documentation. This is certainly a worthwile little hack, as it avoids the need to invert the group database. I don't think we should allow unqualified domains here - as that allows us to distinguish between (at least some) usernames and these 'special' groups. (This used to be commit 151dd7bc6c61e19a993017e5e0b50314801e26de)
-rw-r--r--source3/lib/username.c33
1 files changed, 23 insertions, 10 deletions
diff --git a/source3/lib/username.c b/source3/lib/username.c
index 7c8c9c740d..f256b1d6f8 100644
--- a/source3/lib/username.c
+++ b/source3/lib/username.c
@@ -33,7 +33,7 @@ static struct passwd *uname_string_combinations2(char *s, int offset, struct pas
BOOL name_is_local(const char *name)
{
- return !(strchr_m(name, *lp_winbind_separator()) || lp_winbind_use_default_domain());
+ return !(strchr_m(name, *lp_winbind_separator()));
}
/****************************************************************************
@@ -535,16 +535,29 @@ BOOL user_in_list(const char *user,char **list)
enum SID_NAME_USE name_type;
BOOL winbind_answered = False;
BOOL ret;
-
- /* Check to see if name is a Windows group */
- if (winbind_lookup_name(*list, &g_sid, &name_type) && name_type == SID_NAME_DOM_GRP) {
-
+ fstring groupname, domain;
+
+ /* Parse a string of the form DOMAIN/user into a domain and a user */
+
+ char *p = strchr(*list,*lp_winbind_separator());
+
+ DEBUG(10,("user_in_list: checking if user |%s| is in winbind group |%s|\n", user, *list));
+
+ if (p) {
+ fstrcpy(groupname, p+1);
+ fstrcpy(domain, *list);
+ domain[PTR_DIFF(p, *list)] = 0;
+
+ /* Check to see if name is a Windows group */
+ if (winbind_lookup_name(groupname, domain, &g_sid, &name_type) && name_type == SID_NAME_DOM_GRP) {
+
/* Check if user name is in the Windows group */
- ret = user_in_winbind_group_list(user, *list, &winbind_answered);
-
- if (winbind_answered && ret == True) {
- DEBUG(10,("user_in_list: user |%s| is in group |%s|\n", user, *list));
- return ret;
+ ret = user_in_winbind_group_list(user, *list, &winbind_answered);
+
+ if (winbind_answered && ret == True) {
+ DEBUG(10,("user_in_list: user |%s| is in winbind group |%s|\n", user, *list));
+ return ret;
+ }
}
}
}