diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2003-07-03 14:36:42 +0000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2003-07-03 14:36:42 +0000 |
| commit | 61116049cabc292c2f2d570af4d68ddc537b91f5 (patch) | |
| tree | e72d8978e409cd4664c066cc20c83e69e1ebc300 /source3/auth/auth_domain.c | |
| parent | ecb86e5e88579373f3a26f744ae5cdc1a63d9d2d (diff) | |
| download | samba-61116049cabc292c2f2d570af4d68ddc537b91f5.tar.gz samba-61116049cabc292c2f2d570af4d68ddc537b91f5.tar.bz2 samba-61116049cabc292c2f2d570af4d68ddc537b91f5.zip | |
This patch takes the work the jerry did for beta2, and generalises it:
- The 'not implmented' checks are now done by all auth modules
- the ntdomain/trustdomain/winbind modules are more presise as to
what domain names they can and cannot handle
- The become_root() calls are now around the winbind pipe opening only,
not the entire auth call
- The unix username is kept seperate from the NT username, removing the
need for 'clean off the domain\' in parse_net.c
- All sid->uid translations are now validated with getpwuid() to put a very
basic stop to logins with 'half deleted' accounts.
Andrew Bartlett
(This used to be commit 85f88191b9927cc434645ef4c1eaf5ec0e8af2ec)
Diffstat (limited to 'source3/auth/auth_domain.c')
| -rw-r--r-- | source3/auth/auth_domain.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c index 80320d8266..56bd6b9aca 100644 --- a/source3/auth/auth_domain.c +++ b/source3/auth/auth_domain.c @@ -266,7 +266,7 @@ static NTSTATUS check_ntdomain_security(const struct auth_context *auth_context, * password file. */ - if(is_myname(user_info->domain.str)) { + if(strequal(get_global_sam_name(), user_info->domain.str)) { DEBUG(3,("check_ntdomain_security: Requested domain was for this machine.\n")); return NT_STATUS_NOT_IMPLEMENTED; } @@ -346,7 +346,7 @@ static NTSTATUS check_trustdomain_security(const struct auth_context *auth_conte * Check that the requested domain is not our own machine name or domain name. */ - if( is_myname(user_info->domain.str) || strequal(lp_workgroup(), user_info->domain.str) ) { + if( strequal(get_global_sam_name(), user_info->domain.str)) { DEBUG(3,("check_trustdomain_security: Requested domain [%s] was for this machine.\n", user_info->domain.str)); return NT_STATUS_NOT_IMPLEMENTED; @@ -358,7 +358,7 @@ static NTSTATUS check_trustdomain_security(const struct auth_context *auth_conte user is known to us and does not exist */ if ( !is_trusted_domain( user_info->domain.str ) ) - return NT_STATUS_NO_SUCH_USER; + return NT_STATUS_NOT_IMPLEMENTED; /* * Get the trusted account password for the trusted domain |