diff options
author | Tim Potter <tpot@samba.org> | 2001-10-31 06:20:58 +0000 |
---|---|---|
committer | Tim Potter <tpot@samba.org> | 2001-10-31 06:20:58 +0000 |
commit | 6f0b8a38ec036a0027e9f938834e241b41db40c5 (patch) | |
tree | 3ed3e06329649d6843ed9b3f43f18e4cdf1d60f2 /source3/libsmb/domain_client_validate.c | |
parent | eab05eac3998eeb9fb6fb635771370d645b5ff06 (diff) | |
download | samba-6f0b8a38ec036a0027e9f938834e241b41db40c5.tar.gz samba-6f0b8a38ec036a0027e9f938834e241b41db40c5.tar.bz2 samba-6f0b8a38ec036a0027e9f938834e241b41db40c5.zip |
Added some extra fields to the auth_serversupplied_info structure.
To obtain the full group membership of a user (i.e nested groups on a
win2k native mode server) it is necessary to merge this list of groups
with the groups returned by winbindd when creating an nt access token.
This breaks winbindd linking while AB and I sync up our changes to the
authentication subsystem.
(This used to be commit 4eeb7bcd783d7cfb3ac232f1faa035773007401d)
Diffstat (limited to 'source3/libsmb/domain_client_validate.c')
-rw-r--r-- | source3/libsmb/domain_client_validate.c | 25 |
1 files changed, 23 insertions, 2 deletions
diff --git a/source3/libsmb/domain_client_validate.c b/source3/libsmb/domain_client_validate.c index 26f53f0297..26a727b1f1 100644 --- a/source3/libsmb/domain_client_validate.c +++ b/source3/libsmb/domain_client_validate.c @@ -326,6 +326,7 @@ NTSTATUS domain_client_validate(const auth_usersupplied_info *user_info, status = cli_nt_login_network(&cli, user_info, smb_uid_low, &ctr, &info3); + if (!NT_STATUS_IS_OK(status)) { DEBUG(0,("domain_client_validate: unable to validate password " "for user %s in domain %s to Domain controller %s. " @@ -335,8 +336,28 @@ NTSTATUS domain_client_validate(const auth_usersupplied_info *user_info, } /* - * Here, if we really want it, we have lots of info about the user in info3. - */ + * Here, if we really want it, we have lots of info about the user + * in info3. + */ + + /* Store the user group information in the server_info returned to + the caller. */ + + if ((server_info->group_rids = malloc(info3.num_groups2 * + sizeof(uint32))) == NULL) { + DEBUG(1, ("out of memory allocating rid group membership\n")); + status = NT_STATUS_NO_MEMORY; + } else { + int i; + + server_info->n_rids = info3.num_groups2; + + for (i = 0; i < server_info->n_rids; i++) { + server_info->group_rids[i] = info3.gids[i].g_rid; + DEBUG(5, ("** adding group rid 0x%x\n", + info3.gids[i].g_rid)); + } + } #if 0 /* |