summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorVolker Lendecke <vlendec@samba.org>2006-08-04 21:07:32 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 11:38:32 -0500
commit6361d151a4c2fa96b84347ccd76f0748e8ecb1bf (patch)
treee47d31d798d15ff27f5f6d3bf26dc98eb1317db3
parent7cc7fc51c6c1a99c55b6e7874c58bb9852f74085 (diff)
downloadsamba-6361d151a4c2fa96b84347ccd76f0748e8ecb1bf.tar.gz
samba-6361d151a4c2fa96b84347ccd76f0748e8ecb1bf.tar.bz2
samba-6361d151a4c2fa96b84347ccd76f0748e8ecb1bf.zip
r17406: We need to do a translation of winbind separator -> '\\' in
lookup_name_smbconf, otherwise force user = domain+administrator can not work. Also attempt to fix the 'valid users = domain+group' bug at the same time. Volker (This used to be commit 255475901c13fde29b1b476560d969cc99712767)
-rw-r--r--source3/passdb/lookup_sid.c19
-rw-r--r--source3/smbd/share_access.c4
2 files changed, 20 insertions, 3 deletions
diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
index 567ddac3db..d4c1ff2059 100644
--- a/source3/passdb/lookup_sid.c
+++ b/source3/passdb/lookup_sid.c
@@ -395,8 +395,25 @@ BOOL lookup_name_smbconf(TALLOC_CTX *mem_ctx,
char *qualified_name;
/* NB. No winbindd_separator here as lookup_name needs \\' */
- if (strchr_m(full_name, '\\')) {
+ if (strchr_m(full_name, *lp_winbind_separator())) {
+
/* The name is already qualified with a domain. */
+
+ if (*lp_winbind_separator() != '\\') {
+ char *p, *tmp;
+
+ /* lookup_name() needs '\\' as a separator */
+
+ tmp = talloc_strdup(mem_ctx, full_name);
+ if (!tmp) {
+ return False;
+ }
+ p = strchr_m(tmp, *lp_winbind_separator());
+ SMB_ASSERT(p != NULL);
+ *p = '\\';
+ full_name = tmp;
+ }
+
return lookup_name(mem_ctx, full_name, flags,
ret_domain, ret_name,
ret_sid, ret_type);
diff --git a/source3/smbd/share_access.c b/source3/smbd/share_access.c
index 5334976d8d..09b56c3522 100644
--- a/source3/smbd/share_access.c
+++ b/source3/smbd/share_access.c
@@ -97,7 +97,7 @@ static BOOL token_contains_name(TALLOC_CTX *mem_ctx,
}
if (!do_group_checks(&name, &prefix)) {
- if (!lookup_name(mem_ctx, name, LOOKUP_NAME_ALL,
+ if (!lookup_name_smbconf(mem_ctx, name, LOOKUP_NAME_ALL,
NULL, NULL, &sid, &type)) {
DEBUG(5, ("lookup_name %s failed\n", name));
return False;
@@ -112,7 +112,7 @@ static BOOL token_contains_name(TALLOC_CTX *mem_ctx,
for (/* initialized above */ ; *prefix != '\0'; prefix++) {
if (*prefix == '+') {
- if (!lookup_name(mem_ctx, name,
+ if (!lookup_name_smbconf(mem_ctx, name,
LOOKUP_NAME_ALL|LOOKUP_NAME_GROUP,
NULL, NULL, &sid, &type)) {
DEBUG(5, ("lookup_name %s failed\n", name));