moving more code around.

  * move rid allocation into IDMAP.  See comments in _api_samr_create_user()
  * add winbind delete user/group functions

I'm checking this in to sync up with everyone.  But I'm going to split
the add a separate winbindd_allocate_rid() function for systems
that have an 'add user script' but need idmap to give them a RID.
Life would be so much simplier without 'enable rid algorithm'.
The current RID allocation is horrible due to this one fact.
Tested idmap_tdb but not idmap_ldap yet.  Will do that tomorrow.

Nothing has changed in the way a samba domain is represented, stored,
or search in the directory so things should be ok with previous installations.

going to bed now.
(This used to be commit 0463045cc7ff177fab44b25faffad5bf7140244d)

1 files changed, 5 insertions, 1 deletions

diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 51cd1994f9..3f9c120cfb 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -56,10 +56,12 @@ static int smb_create_user(const char *domain, const char *unix_username, const
 
 /****************************************************************************
  Add and Delete UNIX users on demand, based on NTSTATUS codes.
+ We don't care about RID's here so ignore.
 ****************************************************************************/
 
 void auth_add_user_script(const char *domain, const char *username)
 {
+	uint32 rid;
 	/*
 	 * User validated ok against Domain controller.
 	 * If the admin wants us to try and create a UNIX
@@ -75,8 +77,10 @@ void auth_add_user_script(const char *domain, const char *username)
 		   However, a host set for 'security = server' might run winbindd for 
 		   account allocation */
 		   
-		if ( !winbind_create_user(username) )
+		if ( !winbind_create_user(username, NULL) ) {
 			DEBUG(5,("auth_add_user_script: winbindd_create_user() failed\n"));
+			rid = 0;
+		}
 	}
 }