diff options
author | Volker Lendecke <vlendec@samba.org> | 2006-08-04 21:07:32 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 11:38:32 -0500 |
commit | 6361d151a4c2fa96b84347ccd76f0748e8ecb1bf (patch) | |
tree | e47d31d798d15ff27f5f6d3bf26dc98eb1317db3 | |
parent | 7cc7fc51c6c1a99c55b6e7874c58bb9852f74085 (diff) | |
download | samba-6361d151a4c2fa96b84347ccd76f0748e8ecb1bf.tar.gz samba-6361d151a4c2fa96b84347ccd76f0748e8ecb1bf.tar.bz2 samba-6361d151a4c2fa96b84347ccd76f0748e8ecb1bf.zip |
r17406: We need to do a translation of winbind separator -> '\\' in
lookup_name_smbconf, otherwise
force user = domain+administrator
can not work. Also attempt to fix the 'valid users = domain+group' bug at the
same time.
Volker
(This used to be commit 255475901c13fde29b1b476560d969cc99712767)
-rw-r--r-- | source3/passdb/lookup_sid.c | 19 | ||||
-rw-r--r-- | source3/smbd/share_access.c | 4 |
2 files changed, 20 insertions, 3 deletions
diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c index 567ddac3db..d4c1ff2059 100644 --- a/source3/passdb/lookup_sid.c +++ b/source3/passdb/lookup_sid.c @@ -395,8 +395,25 @@ BOOL lookup_name_smbconf(TALLOC_CTX *mem_ctx, char *qualified_name; /* NB. No winbindd_separator here as lookup_name needs \\' */ - if (strchr_m(full_name, '\\')) { + if (strchr_m(full_name, *lp_winbind_separator())) { + /* The name is already qualified with a domain. */ + + if (*lp_winbind_separator() != '\\') { + char *p, *tmp; + + /* lookup_name() needs '\\' as a separator */ + + tmp = talloc_strdup(mem_ctx, full_name); + if (!tmp) { + return False; + } + p = strchr_m(tmp, *lp_winbind_separator()); + SMB_ASSERT(p != NULL); + *p = '\\'; + full_name = tmp; + } + return lookup_name(mem_ctx, full_name, flags, ret_domain, ret_name, ret_sid, ret_type); diff --git a/source3/smbd/share_access.c b/source3/smbd/share_access.c index 5334976d8d..09b56c3522 100644 --- a/source3/smbd/share_access.c +++ b/source3/smbd/share_access.c @@ -97,7 +97,7 @@ static BOOL token_contains_name(TALLOC_CTX *mem_ctx, } if (!do_group_checks(&name, &prefix)) { - if (!lookup_name(mem_ctx, name, LOOKUP_NAME_ALL, + if (!lookup_name_smbconf(mem_ctx, name, LOOKUP_NAME_ALL, NULL, NULL, &sid, &type)) { DEBUG(5, ("lookup_name %s failed\n", name)); return False; @@ -112,7 +112,7 @@ static BOOL token_contains_name(TALLOC_CTX *mem_ctx, for (/* initialized above */ ; *prefix != '\0'; prefix++) { if (*prefix == '+') { - if (!lookup_name(mem_ctx, name, + if (!lookup_name_smbconf(mem_ctx, name, LOOKUP_NAME_ALL|LOOKUP_NAME_GROUP, NULL, NULL, &sid, &type)) { DEBUG(5, ("lookup_name %s failed\n", name)); |