summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2006-08-03 23:44:07 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 11:38:31 -0500
commit74ee62a45b4cdb32ae7291c1bdae322692bb64c2 (patch)
tree73f298f94b596df06e1c820037e42a254740651a
parentba5f9c4ef9b91b636157647fdd9f610cfdde97ff (diff)
downloadsamba-74ee62a45b4cdb32ae7291c1bdae322692bb64c2.tar.gz
samba-74ee62a45b4cdb32ae7291c1bdae322692bb64c2.tar.bz2
samba-74ee62a45b4cdb32ae7291c1bdae322692bb64c2.zip
r17391: Revert the second part of the valid users fix - the
netlogon code uses pdb_get_group_sid() which could return a S-1-1-22 unix sid. Who knew.... :-(. I'm going to test Volker's fix instead. Once 3.0.23b is out we *have* to rip out the pdb_set_group_sid() code.... Jeremy. (This used to be commit 65003e1b251b4762cef2b3cdcc895269f9319eb8)
-rw-r--r--source3/auth/auth_util.c28
1 files changed, 5 insertions, 23 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 77da182f57..d59c6b40cc 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -599,14 +599,6 @@ NTSTATUS make_server_info_sam(auth_serversupplied_info **server_info,
* simple first. */
TALLOC_FREE(gids);
- /* For a local user the real primary group sid is the result->sids[0] */
-
- if (!pdb_set_group_sid(sampass, &result->sids[0], PDB_CHANGED)) {
- result->sam_account = NULL; /* Don't free on error exit. */
- TALLOC_FREE(result);
- return NT_STATUS_UNSUCCESSFUL;
- }
-
DEBUG(5,("make_server_info_sam: made server info for user %s -> %s\n",
pdb_get_username(sampass), result->unix_name));
@@ -1097,7 +1089,7 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
gr_sid = pdb_get_group_sid(sam_acct);
if (!gr_sid) {
- goto unix_group;
+ goto unix_user;
}
sid_copy(&primary_group_sid, gr_sid);
@@ -1105,8 +1097,8 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
if (!sid_to_gid(&primary_group_sid, gid)) {
DEBUG(1, ("sid_to_gid(%s) failed\n",
sid_string_static(&primary_group_sid)));
- DEBUGADD(1, ("Fall back to unix group %s\n", username));
- goto unix_group;
+ DEBUGADD(1, ("Fall back to unix user %s\n", username));
+ goto unix_user;
}
result = pdb_enum_group_memberships(tmp_ctx, sam_acct,
@@ -1115,8 +1107,8 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
if (!NT_STATUS_IS_OK(result)) {
DEBUG(10, ("enum_group_memberships failed for %s\n",
username));
- DEBUGADD(1, ("Fall back to unix group %s\n", username));
- goto unix_group;
+ DEBUGADD(1, ("Fall back to unix user %s\n", username));
+ goto unix_user;
}
*found_username = talloc_strdup(mem_ctx,
@@ -1140,8 +1132,6 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
uid_to_unix_users_sid(*uid, &user_sid);
- unix_group:
-
pass = getpwuid_alloc(tmp_ctx, *uid);
if (pass == NULL) {
DEBUG(1, ("getpwuid(%d) for user %s failed\n",
@@ -1326,14 +1316,6 @@ NTSTATUS make_server_info_pw(auth_serversupplied_info **server_info,
* simple first. */
TALLOC_FREE(gids);
- /* For a local user the real primary group sid is the result->sids[0] */
-
- if (!pdb_set_group_sid(sampass, &result->sids[0], PDB_CHANGED)) {
- result->sam_account = NULL; /* Don't free on error exit. */
- TALLOC_FREE(sampass);
- return NT_STATUS_UNSUCCESSFUL;
- }
-
*server_info = result;
return NT_STATUS_OK;