summaryrefslogtreecommitdiff
path: root/source3/auth
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2012-10-29 12:09:22 +0100
committerAndreas Schneider <asn@cryptomilk.org>2012-11-12 15:54:15 +0100
commit3bbe690c50a5d4e2ff81ff1eeeaa728990b73637 (patch)
treea6c890590995439adc4773ae50cb8c57eff24229 /source3/auth
parent18e13224eb75349fc9790f20aab125f485979760 (diff)
downloadsamba-3bbe690c50a5d4e2ff81ff1eeeaa728990b73637.tar.gz
samba-3bbe690c50a5d4e2ff81ff1eeeaa728990b73637.tar.bz2
samba-3bbe690c50a5d4e2ff81ff1eeeaa728990b73637.zip
Use work around for 'winbind use default domain' only if it is set
Currently in smb_getpwnam() the NetBIOS domain name and the winbind separator character is always added to the user name returned by Get_Pwnam_alloc() if it does not contain the winbind separator character. As comments in the code indicates this is done as a work around if 'winbind use default domain' is set to yes in the samba configuration. This make sense if the option is set because otherwise the domain information is lost from the user name. But it causes errors if other services than winbind are used for user lookup, e.g. sssd. sssd can handle different kind of fully qualified user names as input, e.g. user@domain.name or DOM\user, but returns a canonical name, by default user@domain.name. While it would be possible to get around this issue with a special configuration either on the sssd or samba side I think the cleaner solution is to use the work around only if 'winbind use default domain' is set to yes which is what this patch does. Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Nov 12 15:54:15 CET 2012 on sn-devel-104
Diffstat (limited to 'source3/auth')
-rw-r--r--source3/auth/auth_util.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index a08d0945a5..83c95a9d4d 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -1331,7 +1331,8 @@ struct passwd *smb_getpwnam( TALLOC_CTX *mem_ctx, const char *domuser,
/* make sure we get the case of the username correct */
/* work around 'winbind use default domain = yes' */
- if ( !strchr_m( pw->pw_name, *lp_winbind_separator() ) ) {
+ if ( lp_winbind_use_default_domain() &&
+ !strchr_m( pw->pw_name, *lp_winbind_separator() ) ) {
char *domain;
/* split the domain and username into 2 strings */