diff options
author | Günther Deschner <gd@samba.org> | 2005-07-26 21:57:49 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 11:00:17 -0500 |
commit | ecc0d00a6d9b249a447e05b649cc37ee8e43589a (patch) | |
tree | 74e4300dc7e32625c64174908fe4f2a2c6a24e18 | |
parent | 375ad586a49526098722a1fd79400a67ea1004a1 (diff) | |
download | samba-ecc0d00a6d9b249a447e05b649cc37ee8e43589a.tar.gz samba-ecc0d00a6d9b249a447e05b649cc37ee8e43589a.tar.bz2 samba-ecc0d00a6d9b249a447e05b649cc37ee8e43589a.zip |
r8787: Make enumeration of builtin-aliases work again.
Guenther
(This used to be commit 0c8859474da609c69435c2acdfa4fa012d87eed3)
-rw-r--r-- | source3/passdb/pdb_ldap.c | 46 |
1 files changed, 41 insertions, 5 deletions
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index 3953128c74..b0c0dc1680 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -3370,6 +3370,7 @@ struct ldap_search_state { struct smbldap_state *connection; uint16 acct_flags; + uint16 group_type; const char *base; int scope; @@ -3671,11 +3672,26 @@ static BOOL ldapgroup2displayentry(struct ldap_search_state *state, { char **vals; DOM_SID sid; + uint16 group_type; result->account_name = ""; result->fullname = ""; result->description = ""; + + vals = ldap_get_values(ld, entry, "sambaGroupType"); + if ((vals == NULL) || (vals[0] == NULL)) { + DEBUG(5, ("\"sambaGroupType\" not found\n")); + return False; + } + + group_type = atoi(vals[0]); + + if ((state->group_type != 0) && + ((state->group_type != group_type))) { + return False; + } + vals = ldap_get_values(ld, entry, "cn"); if ((vals == NULL) || (vals[0] == NULL)) { DEBUG(5, ("\"cn\" not found\n")); @@ -3722,12 +3738,31 @@ static BOOL ldapgroup2displayentry(struct ldap_search_state *state, return False; } - if (!sid_peek_check_rid(get_global_sam_sid(), &sid, &result->rid)) { - DEBUG(0, ("%s is not our domain\n", vals[0])); - return False; - } ldap_value_free(vals); + switch (group_type) { + case SID_NAME_DOM_GRP: + case SID_NAME_ALIAS: + + if (!sid_peek_check_rid(get_global_sam_sid(), &sid, &result->rid)) { + DEBUG(0, ("%s is not in our domain\n", sid_string_static(&sid))); + return False; + } + break; + + case SID_NAME_WKN_GRP: + + if (!sid_check_is_in_builtin(&sid)) { + DEBUG(0, ("%s is not in builtin sid\n", sid_string_static(&sid))); + return False; + } + break; + + default: + DEBUG(0,("unkown group type: %d\n", group_type)); + return False; + } + return True; } @@ -3753,10 +3788,11 @@ static BOOL ldapsam_search_grouptype(struct pdb_methods *methods, "(&(objectclass=sambaGroupMapping)" "(sambaGroupType=%d))", type); state->attrs = talloc_attrs(search->mem_ctx, "cn", "sambaSid", - "displayName", "description", NULL); + "displayName", "description", "sambaGroupType", NULL); state->attrsonly = 0; state->pagedresults_cookie = NULL; state->entries = NULL; + state->group_type = type; state->ldap2displayentry = ldapgroup2displayentry; if ((state->filter == NULL) || (state->attrs == NULL)) { |