diff options
author | Volker Lendecke <vlendec@samba.org> | 2005-01-15 19:00:18 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 10:53:54 -0500 |
commit | fca72668cc80231f4f06246bfdc86116434694f5 (patch) | |
tree | 26f355c5b591a99dbd7fdc021da3066061de4997 /source3/nsswitch/winbindd_group.c | |
parent | 1057e9e2743d1b1ae857ffb42becb7587abf3d0e (diff) | |
download | samba-fca72668cc80231f4f06246bfdc86116434694f5.tar.gz samba-fca72668cc80231f4f06246bfdc86116434694f5.tar.bz2 samba-fca72668cc80231f4f06246bfdc86116434694f5.zip |
r4760: Make wbinfo --user-sids expand domain local groups. Andrew B., my testing
shows that this info is correctly returned to us in to info3 struct, so
check_info3_in_group does not need to be adapted.
Volker
(This used to be commit a84e778cafcefdc1809474c2123e757c8c9d9b70)
Diffstat (limited to 'source3/nsswitch/winbindd_group.c')
-rw-r--r-- | source3/nsswitch/winbindd_group.c | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/source3/nsswitch/winbindd_group.c b/source3/nsswitch/winbindd_group.c index d64c2e4a19..502a4b8584 100644 --- a/source3/nsswitch/winbindd_group.c +++ b/source3/nsswitch/winbindd_group.c @@ -6,6 +6,7 @@ Copyright (C) Tim Potter 2000 Copyright (C) Jeremy Allison 2001. Copyright (C) Gerald (Jerry) Carter 2003. + Copyright (C) Volker Lendecke 2005 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -1234,6 +1235,46 @@ enum winbindd_result winbindd_getusersids(struct winbindd_cli_state *state) goto no_groups; } + domain = find_our_domain(); + + if (domain == NULL) { + DEBUG(0, ("Could not find our domain\n")); + goto done; + } + + /* Note that I do not check for AD or its mode. XP in a real NT4 + * domain also asks for this info. -- vl */ + + if (!IS_DC) { + uint32_t *alias_rids = NULL; + int num_aliases; + + /* We need to include the user SID to expand */ + user_grpsids = TALLOC_REALLOC_ARRAY(mem_ctx, user_grpsids, + DOM_SID *, num_groups+1); + user_grpsids[num_groups] = &user_sid; + + status = domain->methods->lookup_useraliases(domain, mem_ctx, + num_groups, + user_grpsids+1, + &num_aliases, + &alias_rids); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(3, ("Could not expand alias sids: %s\n", + nt_errstr(status))); + goto done; + } + + for (i=0; i<num_aliases; i++) { + DOM_SID sid; + sid_copy(&sid, &domain->sid); + sid_append_rid(&sid, alias_rids[i]); + add_sid_to_parray_unique(mem_ctx, &sid, &user_grpsids, + &num_groups); + } + } + if (lp_winbind_nested_groups()) { int k; /* num_groups is changed during the loop, that's why we have |